Compare commits

...

4169 Commits

Author SHA1 Message Date
Bob Mottram 9646037a66 Mention forms of harassment in code of conduct 2018-06-19 16:12:41 +01:00
Bob Mottram db15ce22b2 Add no hostile communication to the code of conduct 2018-06-19 15:37:47 +01:00
Bob Mottram 9fd79e14af Include privacy statement in the code of conduct 2018-06-19 15:30:35 +01:00
Bob Mottram d4204bf3f7 Add no spamming rule to the code of conduct 2018-06-19 15:26:29 +01:00
Bob Mottram 609d9d18bd Mention code of conduct in faq 2018-06-19 15:19:01 +01:00
Bob Mottram d25f54e468 Ensure that hubzilla repos are no longer pointing to github 2018-06-19 12:34:35 +01:00
Bob Mottram d488d661a1 Update fedwiki version 2018-06-19 12:14:50 +01:00
Bob Mottram 9678bff85d Bump smolrss commit 2018-06-18 11:04:39 +01:00
Bob Mottram eb968b7cef datserver documentation 2018-06-17 19:34:55 +01:00
Bob Mottram ceedc3e08c dat address for website 2018-06-17 13:56:22 +01:00
Bob Mottram 9557af2f18 Space bar pressing is no longer needed 2018-06-16 21:53:50 +01:00
Bob Mottram 99113a8784 SIP is no longer supported 2018-06-16 21:47:06 +01:00
Bob Mottram 95acebdc94 Formatting 2018-06-16 21:40:38 +01:00
Bob Mottram 6b6133d662 Since letsencrypt is now automatic this isn't needed anymore 2018-06-16 21:22:37 +01:00
Bob Mottram 3ed2f5988d Reset tripwire 2018-06-16 21:18:43 +01:00
Bob Mottram 82b5e9677a Mention sata option 2018-06-16 21:09:58 +01:00
Bob Mottram 5f5b7f90fd dat link in readme 2018-06-16 14:55:58 +01:00
Bob Mottram 7a98745b15 Link to dat images file 2018-06-16 14:47:39 +01:00
Bob Mottram 525377683b Beaglebone install includes dat based source download 2018-06-16 14:40:46 +01:00
Bob Mottram 409f466a88 Update css 2018-06-16 14:26:28 +01:00
Bob Mottram 278eabd149 Copy dat links file into downloads directory 2018-06-16 13:57:45 +01:00
Bob Mottram 04f2fcd4ef Copy file containing dat links 2018-06-16 13:55:56 +01:00
Bob Mottram 78116a91d7 Obtain source code via dat 2018-06-16 13:52:03 +01:00
Bob Mottram 3070bb3514 Move social instance to dat download 2018-06-16 13:15:21 +01:00
Bob Mottram f3a2772e96 get source code via dat 2018-06-16 12:11:12 +01:00
Bob Mottram 60c89bc7eb Moving to image distribution via dat
This will scale much better
2018-06-16 11:38:29 +01:00
Bob Mottram d6d4e61d6f Wider 2018-06-16 10:56:59 +01:00
Bob Mottram ba51054588 Padding 2018-06-16 10:52:51 +01:00
Bob Mottram 39c9c4b5dd Even simpler index 2018-06-16 10:42:33 +01:00
Bob Mottram efc318db22 Less verbose index page 2018-06-16 10:32:25 +01:00
Bob Mottram e30f2fb913 Install wget 2018-06-15 22:50:39 +01:00
Bob Mottram 1210f0926c Updating mesh instructions 2018-06-15 22:46:04 +01:00
Bob Mottram c51e4d268e Hubzilla moves out of github 2018-06-15 12:51:35 +01:00
Bob Mottram 5d23e1b346 Nodejs version update 2018-06-15 11:47:12 +01:00
Bob Mottram 232516538e Bump smolrss commit 2018-06-14 21:21:56 +01:00
Bob Mottram 0d9dc1ad47 Typo 2018-06-14 17:32:43 +01:00
Bob Mottram 4425da1329 Update image links 2018-06-14 17:31:30 +01:00
Bob Mottram 13fb508140 Bump smolrss commit 2018-06-14 17:17:47 +01:00
Bob Mottram 5bc2f97011 Bump smolrss commit 2018-06-14 15:42:21 +01:00
Bob Mottram de13a2940c Don't shred
In most cases we're writing to a microSSD or SSD, so shredding doesn't make sense
2018-06-13 11:21:59 +01:00
Bob Mottram f14cbe5777 Bump pleroma commit 2018-06-12 15:36:51 +01:00
Bob Mottram 3a935f85d6 Bump cryptpad commit 2018-06-11 20:30:34 +01:00
Bob Mottram 67e6ceadb7 Improve user blocking in pleroma 2018-06-11 19:10:51 +01:00
Bob Mottram 2a68cf0ef3 Tidying 2018-06-11 17:19:42 +01:00
Bob Mottram fd16efd88e Still needs later php version 2018-06-11 13:53:08 +01:00
Bob Mottram 514cd6140b Another pixelfed attempt 2018-06-11 13:18:35 +01:00
Bob Mottram fe70b27555 Bump smolrss commit 2018-06-10 19:59:06 +01:00
Bob Mottram f8a293e4d5 Bump smolrss commit 2018-06-10 18:37:05 +01:00
Bob Mottram 37b39c2960 Bump pleroma commit 2018-06-10 11:41:40 +01:00
Bob Mottram 265b99ef70 Bump smolrss commit 2018-06-09 18:36:39 +01:00
Bob Mottram c6ca3e5c4b Simplify 2018-06-09 14:32:02 +01:00
Bob Mottram 3fe5830e02 Switch project repo if its the old one 2018-06-09 11:47:48 +01:00
Bob Mottram ab4b78778b Prevent apps from being installed or removed during upgrades 2018-06-09 10:40:44 +01:00
Bob Mottram 83ea67971e Skip upgrade if letsencrypt is upgrading its certificates 2018-06-09 10:23:04 +01:00
Bob Mottram 9a150445e6 Remove temporary renewal file if it exists 2018-06-09 10:19:55 +01:00
Bob Mottram 99fc662547 If a collision happens between cert upgrade and general upgrade then create the failure file so that retries will happen 2018-06-09 10:15:14 +01:00
Bob Mottram e20a24a9ca Try to prevent any collisions between upgrades and letsencrypt certificate updates 2018-06-09 10:10:01 +01:00
Bob Mottram 58b059c803 Merge branch 'stretch' of https://code.freedombone.net/bashrc/freedombone into stretch 2018-06-09 09:59:53 +01:00
Bob Mottram 03bfbc7a9f Remove expiry script if gs/pA is removed 2018-06-09 09:59:47 +01:00
Bob Mottram 10a44e0f89 Note about omemo 2018-06-07 21:58:45 +01:00
Bob Mottram 25ecacc3fa Mention companion app 2018-06-05 17:26:14 +01:00
Bob Mottram 752e1c5d61 Faq entry no longer valid 2018-06-05 17:21:29 +01:00
Bob Mottram f9adfc8d8a Faq entry no longer valid 2018-06-05 17:19:44 +01:00
Bob Mottram 3bd718df22 quotes 2018-06-05 16:44:55 +01:00
Bob Mottram 611a6759ff Upgrade gogs 2018-06-05 16:41:18 +01:00
Bob Mottram 43cf7e3d20 Update repo urls 2018-06-05 11:29:00 +01:00
Bob Mottram 56a95cf0ba Remove gnusocial ttrss plugin 2018-06-05 11:20:21 +01:00
Bob Mottram 14f4261574 Update web documentation for move away from github 2018-06-04 18:40:53 +01:00
Bob Mottram ac76bf4eaf Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-06-04 15:11:35 +01:00
Bob Mottram cb47d504c5 Switch project repo 2018-06-04 15:11:00 +01:00
Bob Mottram dd790f3733 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-06-03 23:15:20 +01:00
Bob Mottram c93b8ecf20 Dialog size 2018-06-03 14:20:44 +01:00
Bob Mottram 6674d0ddc6 Dialog height 2018-06-03 14:19:34 +01:00
Bob Mottram c6c72d4b38 New menu style for pihole 2018-06-03 14:14:45 +01:00
Bob Mottram c8791dcad3 bump pihole commit 2018-06-03 13:57:38 +01:00
Bob Mottram 86b9ae3e38 Run mix as the pleroma user 2018-06-03 11:21:32 +01:00
Bob Mottram 4050566aa0 Add the admin user as a moderator 2018-06-03 11:20:48 +01:00
Bob Mottram 76f8b0d9a6 Extra nginx setting for pleroma 2018-06-03 10:52:15 +01:00
Bob Mottram 0d8fe26da3 Avoid problem with matrix after installing apps 2018-06-03 10:07:07 +01:00
Bob Mottram 93fc9b2613 Bump pleroma commit 2018-06-03 10:02:34 +01:00
Bob Mottram ae0806184b Update prosody modules to include the latest mod_block_strangers 2018-06-02 21:10:11 +01:00
Bob Mottram 00288b26f8 Block xmpp messages from strangers to mitigate spam, but still allow contact requests 2018-06-02 21:03:27 +01:00
Bob Mottram 988f2dd394 Deprecate microblogpub 2018-06-02 17:25:59 +01:00
Bob Mottram 88e4272d7a Use python 3 2018-06-02 15:36:50 +01:00
Bob Mottram 35ff9c7892 Single 2018-06-02 14:59:35 +01:00
Bob Mottram 9f8328621b fed 2018-06-01 22:08:28 +01:00
Bob Mottram 713b433cd3 Disable pixelfed for now
It needs a later version of php than exists in debian
2018-06-01 18:42:40 +01:00
Bob Mottram ae55c84b0b Handle onion address for pixelfed 2018-06-01 18:30:51 +01:00
Bob Mottram 6262163073 Initial pixelfed app 2018-06-01 18:29:16 +01:00
Bob Mottram 97460be6b3 Recommend webm 2018-06-01 11:45:53 +01:00
Bob Mottram 2824837420 Improve peertube upgrade 2018-06-01 11:15:36 +01:00
Bob Mottram 5f45cb66b7 Upgrade script for peertube 2018-06-01 10:52:45 +01:00
Bob Mottram 2b92faa50f Turn off default transcoding 2018-06-01 10:31:15 +01:00
Bob Mottram aafac55ba0 Bump peertube commit 2018-06-01 10:24:20 +01:00
Bob Mottram d674ead225 Update prosody to 0.10.2 2018-05-31 19:46:46 +01:00
Bob Mottram 0661895206 Beginning of microblog.pub 2018-05-31 19:44:21 +01:00
Bob Mottram 85da8924af Merge branch 'master' of https://github.com/bashrc/freedombone 2018-05-31 09:51:39 +01:00
Bob Mottram 4e3ab94ac8 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-31 09:50:54 +01:00
Bob Mottram 43b948e932 Current directory 2018-05-30 21:24:13 +01:00
Bob Mottram 1c654d953b Create network directory if necessary 2018-05-30 20:05:51 +01:00
Bob Mottram 6e15e2265d Install patch package 2018-05-30 19:36:28 +01:00
Bob Mottram 74604fce41 Setup dependency 2018-05-30 19:31:46 +01:00
Bob Mottram 3228552278 Wait longer at end of cryptpad install 2018-05-30 18:39:40 +01:00
Bob Mottram a3a46febe4 Fixing cryptpad 2018-05-30 18:34:18 +01:00
Bob Mottram b9153855fd Bump cryptpad commit 2018-05-30 14:32:48 +01:00
Bob Mottram 4985cb396e Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-28 19:18:45 +01:00
Bob Mottram b368479d1f android app descriptions 2018-05-28 14:47:12 +01:00
Bob Mottram 9b1da7f4aa Improve android app icons 2018-05-28 14:29:43 +01:00
Bob Mottram af6f960b76 Better peertube icon 2018-05-28 12:55:30 +01:00
Bob Mottram 253c85d0a7 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-27 21:40:34 +01:00
Bob Mottram 0536dad607 Brighter pleroma logo 2018-05-27 13:52:04 +01:00
Bob Mottram 65ed02df52 Increase contrast of pleroma logo 2018-05-27 13:39:16 +01:00
Bob Mottram bba4efc956 Add pleroma logo for android app 2018-05-27 13:23:24 +01:00
Bob Mottram 757313ee3a Try to ensure that avahi serices always remain visible on the LAN 2018-05-27 12:58:09 +01:00
Bob Mottram cc875c00fe Tidying 2018-05-27 11:39:59 +01:00
Bob Mottram 77795c542f Tidying 2018-05-27 11:36:17 +01:00
Bob Mottram fc004e746f Ensure that the avahi daemon keeps running 2018-05-27 11:15:16 +01:00
Bob Mottram 989c48f88b Switch from git to gogs to maintain consistency 2018-05-26 21:30:14 +01:00
Bob Mottram 795f216d2b default_server 2018-05-26 21:22:59 +01:00
Bob Mottram 71364b75f2 Standardize android app icon sizes 2018-05-26 20:37:49 +01:00
Bob Mottram b4bfd17978 Change xmpp app icon name 2018-05-26 19:25:58 +01:00
Bob Mottram 91ee2f2891 Don't create api directory 2018-05-26 19:24:34 +01:00
Bob Mottram 601a402bc2 Write plinth api to json file 2018-05-26 18:59:04 +01:00
Bob Mottram 5776a4bb93 plinth api directory 2018-05-26 18:58:13 +01:00
Bob Mottram b597ac0971 Add rewrites for json api 2018-05-26 18:57:18 +01:00
Bob Mottram 6340860ba9 Square brackets around description 2018-05-26 18:53:36 +01:00
Bob Mottram 4ea4d6ed5f Ensure that letsencrypt certs are not used for the local domain 2018-05-26 15:44:13 +01:00
Bob Mottram 731c2f000f Create new file 2018-05-26 15:40:03 +01:00
Bob Mottram 8e802844f1 Restart web server 2018-05-26 15:36:12 +01:00
Bob Mottram 50363c6c6a Get the local hostname first 2018-05-26 15:33:38 +01:00
Bob Mottram 5f2aa9e5e9 Create a self-signed cert for the local domain if it doesn't exist 2018-05-26 15:32:21 +01:00
Bob Mottram b45b94cd5e Create a self signed cert for the local domain 2018-05-26 15:29:13 +01:00
Bob Mottram 22436fbf55 Remove debugging 2018-05-26 14:08:01 +01:00
Bob Mottram 8d0af3659d Increment when continuing 2018-05-26 13:57:23 +01:00
Bob Mottram 3adf736179 Remove condition 2018-05-26 13:41:15 +01:00
Bob Mottram a0d4f75633 Add logging 2018-05-26 13:28:49 +01:00
Bob Mottram 622c47ebc8 ControlDLNA app no longer exists in f-droid 2018-05-25 23:16:20 +01:00
Bob Mottram 95d11130de Icons for android app 2018-05-25 22:17:53 +01:00
Bob Mottram 72830a82af Not desirable, but have the option to specify apps from play 2018-05-25 20:09:29 +01:00
Bob Mottram 9737d2cc45 Prepend https to domains 2018-05-25 20:06:38 +01:00
Bob Mottram d182906ee1 Don't check for zero 2018-05-25 19:46:43 +01:00
Bob Mottram 62e6afd6b5 Keep platforms together 2018-05-25 19:44:26 +01:00
Bob Mottram 8f58083d22 Getting domain name 2018-05-25 19:26:23 +01:00
Bob Mottram 0bd2b8c8f3 Add quotes 2018-05-25 18:55:59 +01:00
Bob Mottram c32d3884ac Remove quotes 2018-05-25 18:53:28 +01:00
Bob Mottram b96ab2849d Read domain variables from configuration file 2018-05-25 18:50:32 +01:00
Bob Mottram d59aa5dac9 Simplify 2018-05-25 18:45:09 +01:00
Bob Mottram 26c6a36b72 Handle commented out variables 2018-05-25 18:15:24 +01:00
Bob Mottram d99d46acd5 Quotes 2018-05-25 17:35:28 +01:00
Bob Mottram 34079951ce If there is no short description then don't include within android app 2018-05-25 17:30:00 +01:00
Bob Mottram dad0b391f5 Add mobile app variables to app scripts 2018-05-25 17:27:55 +01:00
Bob Mottram fe963a94d6 Hack to try to ensure nginx failures don't happen when matrix is installed 2018-05-25 15:36:06 +01:00
Bob Mottram 95b0f1cbee Only add web client if a corresponding domain variable exists 2018-05-25 15:34:09 +01:00
Bob Mottram 287ad1b2d4 Detect installed apps 2018-05-25 15:20:26 +01:00
Bob Mottram 89794b7b16 Support for freedombox android app 2018-05-25 15:17:34 +01:00
Bob Mottram 309687a43a Create directory for android app integration 2018-05-25 12:19:17 +01:00
Bob Mottram b9875f94cb Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-25 10:37:43 +01:00
Bob Mottram 01d3c2fb74 Update readme 2018-05-25 10:36:20 +01:00
Bob Mottram 6ea6d928b3 Better membership instructions 2018-05-24 21:43:15 +01:00
Bob Mottram 417cd76388 Show public key block on support page 2018-05-24 21:39:09 +01:00
Bob Mottram 2af31a4a08 Mention membership 2018-05-24 21:24:24 +01:00
Bob Mottram f591090f07 Link to information about backups 2018-05-24 21:19:14 +01:00
Bob Mottram af88095e08 Mention xmpp support channel membership 2018-05-24 21:16:55 +01:00
Bob Mottram eec2cab370 Merge branch 'stretch' of https://github.com/bashrc/freedombone into stretch 2018-05-24 21:12:01 +01:00
Bob Mottram a7576e0581 Tor messenger is deprecated 2018-05-24 21:11:35 +01:00
Bob Mottram e685d0ec19 Bump pleroma commit 2018-05-24 19:14:41 +01:00
Bob Mottram d36f92711a Mention syncthing-gtk 2018-05-24 13:41:14 +01:00
Bob Mottram c7d16657a6 New style syncthing menu 2018-05-24 13:33:44 +01:00
Bob Mottram 6781dba015 Selecting apps on the user control panel 2018-05-24 13:17:11 +01:00
Bob Mottram 8861e41128 Changed user menu 2018-05-24 12:59:48 +01:00
Bob Mottram 5a050d360c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-23 18:16:36 +01:00
Bob Mottram 77993fb229 Better email log handling 2018-05-23 18:14:34 +01:00
Bob Mottram 8eb28483f0 chmod 2018-05-23 18:05:59 +01:00
Bob Mottram e803b6b130 Remove ip addresses from email logs 2018-05-23 17:51:07 +01:00
Bob Mottram 45c117a7a2 Update riot hash 2018-05-23 13:11:18 +01:00
Bob Mottram 47869af5d6 Upgrade riot version 2018-05-23 13:09:37 +01:00
Bob Mottram efd32577e5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-23 13:04:58 +01:00
Bob Mottram 6ba9c72af4 Upgrade matrix to 0.30.0 2018-05-23 12:57:10 +01:00
Bob Mottram 159ee9002c Additional package needed for matrix 2018-05-23 12:53:45 +01:00
Bob Mottram 7c192ca046 pynacl version 2018-05-23 12:50:58 +01:00
Bob Mottram 7a6c52b487 Set temp directory for matrix upgrades 2018-05-23 12:43:25 +01:00
Bob Mottram 26b237f09c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-23 12:30:20 +01:00
Bob Mottram 92e44c6147 Merge branch 'stretch' of https://github.com/bashrc/freedombone into stretch 2018-05-23 12:29:13 +01:00
Bob Mottram 77ef565a3c Matrix synapse 0.28.1 2018-05-23 12:28:52 +01:00
Bob Mottram 56a8a7ac7e Bump smolrss commit 2018-05-21 21:40:14 +01:00
Bob Mottram e483f37c00 Hackmd seems hard to install, especially on arm
Particularly the node package markdown-pdf
2018-05-21 19:48:30 +01:00
Bob Mottram 0291dbdbf1 Extra packages 2018-05-21 19:47:29 +01:00
Bob Mottram e570985bfe Extra node packages 2018-05-21 18:14:18 +01:00
Bob Mottram 2d934d1fdd Restart nginx on removal 2018-05-21 14:27:20 +01:00
Bob Mottram 749f8ab283 Extra environment variables 2018-05-21 14:24:55 +01:00
Bob Mottram d592ad2619 Extra quotes 2018-05-21 13:58:00 +01:00
Bob Mottram e03d056d8a Beginning of hackmd 2018-05-21 13:45:54 +01:00
Bob Mottram 708e0b45ea Options to switch smolrss themes 2018-05-20 13:21:18 +01:00
Bob Mottram 73f269bca7 Bump smolrss commit 2018-05-20 13:17:25 +01:00
Bob Mottram b066aef973 No need to create certificate for smolrss 2018-05-20 10:46:23 +01:00
Bob Mottram e45adfc520 Mention noscript 2018-05-19 23:13:05 +01:00
Bob Mottram 73dd18371f Documentation for smolrss 2018-05-19 23:02:48 +01:00
Bob Mottram a7d7c5240d Reduce dialog height 2018-05-19 22:35:52 +01:00
Bob Mottram 61f1ed2e1e Regenerate feeds after upgrades 2018-05-19 22:33:02 +01:00
Bob Mottram ef52dc23b7 Set domain name 2018-05-19 22:27:36 +01:00
Bob Mottram 9e5b32d42c Change onion port 2018-05-19 22:25:01 +01:00
Bob Mottram 7ffa98d7fd smolrss app 2018-05-19 22:21:26 +01:00
Bob Mottram 4366396c9c Don't need extra onion removal on removing xmpp 2018-05-19 10:03:30 +01:00
Bob Mottram 5514550f48 Switch xmpp to v3 onion addresses 2018-05-19 10:01:38 +01:00
Bob Mottram 2e7f9427f8 Bump pleroma commit 2018-05-17 20:20:52 +01:00
Bob Mottram 80a98b7cd5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-17 18:50:36 +01:00
Bob Mottram 1c817365ca Lemaker Banana Pro build support 2018-05-17 18:49:56 +01:00
Bob Mottram 2f9f5be961 More explicit instructions on copying image 2018-05-17 18:05:24 +01:00
Bob Mottram 5f01c28c7d Abandon readers 2018-05-17 16:52:08 +01:00
Bob Mottram cb2b607eb4 gnome-orca 2018-05-17 16:07:32 +01:00
Bob Mottram 6049101caa node version 2018-05-17 15:14:44 +01:00
Bob Mottram a15a45310d Include screen reader in mesh client 2018-05-17 15:04:55 +01:00
Bob Mottram 9f46dded25 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-16 17:45:18 +01:00
Bob Mottram 3eecbbc734 Add libtool package for inadyn configure 2018-05-16 17:44:00 +01:00
Bob Mottram f50d7fe5c7 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-16 17:00:15 +01:00
Bob Mottram 63914893fe Rocketchat has no admin settings 2018-05-16 16:14:28 +01:00
Bob Mottram 465a2fb5f0 Documentation for rocketchat 2018-05-16 15:51:32 +01:00
Bob Mottram 71cc89c713 Disable https content security for rocket chat
Otherwise it won't load
2018-05-16 14:46:37 +01:00
Bob Mottram eead93e78e Generic freedns match 2018-05-16 14:33:49 +01:00
Bob Mottram 90c5a41d47 Dialog height 2018-05-16 14:32:16 +01:00
Bob Mottram 387851ee1b Rocketchat doesn't work on ARM, probably because of meteor and/or mongodb 2018-05-16 14:26:46 +01:00
Bob Mottram bb67f0ac37 Exit instead of return if no package name is given 2018-05-16 13:59:41 +01:00
Bob Mottram 9f999b6887 Functions for adding and removing snap packages 2018-05-16 13:52:23 +01:00
Bob Mottram 8bee775b67 Update mailpile with efail fixes 2018-05-16 12:54:04 +01:00
Bob Mottram b845514646 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-16 10:16:00 +01:00
Bob Mottram e4847ae150 Update prosody version to 0.10.1 release 2018-05-16 09:55:28 +01:00
Bob Mottram e1a877eb67 Change gogs port number 2018-05-15 22:57:16 +01:00
Bob Mottram a4c761059b Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-15 12:29:36 +01:00
Bob Mottram a4b1a7903d Restart the mailpile daemon after upgrades 2018-05-15 12:25:48 +01:00
Bob Mottram 0243866ac9 Extra mailpile debian packages 2018-05-15 12:23:11 +01:00
Bob Mottram e6e24f3a3b Bump mailpile commit 2018-05-15 12:06:07 +01:00
Bob Mottram 9a72c76e23 Make nextcloud server side encryption optional 2018-05-15 10:50:54 +01:00
Bob Mottram c5ce8cfcab Bump nextcloud commit 2018-05-15 10:30:55 +01:00
Bob Mottram b1ef90bef9 Allow weekly and monthly pastes 2018-05-15 10:09:47 +01:00
Bob Mottram 179521763c Change gogs port 2018-05-14 23:06:41 +01:00
Bob Mottram 399c705f17 Another attempt at rocketchat using snap 2018-05-14 22:31:44 +01:00
Bob Mottram 275b915d17 Specify internal port within template command 2018-05-14 22:11:31 +01:00
Bob Mottram 855816f05b Template option to install snap packages 2018-05-14 19:52:04 +01:00
Bob Mottram 40f6ed2c26 Extra packages example 2018-05-14 19:45:13 +01:00
Bob Mottram e1574b49c1 Option to install extra packages 2018-05-14 19:42:30 +01:00
Bob Mottram e75e9333fe Tidying 2018-05-13 21:44:41 +01:00
Bob Mottram 32403cbd1c Tidying 2018-05-13 21:42:53 +01:00
Bob Mottram 9d7e1c5263 Tidying 2018-05-13 21:41:23 +01:00
Bob Mottram a9ff261133 inadyn doesn't need openssl library 2018-05-13 21:38:56 +01:00
Bob Mottram a14781337f Ensure correct permissions on data directory during upgrades 2018-05-13 19:42:03 +01:00
Bob Mottram ea971e5682 Change permission on privatebin data directory
Avoids server error
2018-05-13 19:36:56 +01:00
Bob Mottram 5d69970f33 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-13 16:19:28 +01:00
Bob Mottram 15f0e0c28d Include openssl development library 2018-05-13 16:18:37 +01:00
Bob Mottram 935efed504 Link to repo within daemon 2018-05-13 13:36:09 +01:00
Bob Mottram 1daf58fcd2 Report tor status as starting if uptime is small 2018-05-13 12:39:07 +01:00
Bob Mottram 00244a05db Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-13 12:01:59 +01:00
Bob Mottram 800ec2febc Include xmpp channel 2018-05-13 12:01:28 +01:00
Bob Mottram 076ddb8bb4 Include xmpp channel 2018-05-13 11:59:24 +01:00
Bob Mottram 5aabd2c130 USB canary includes details of the device which was connected or disconnected 2018-05-13 10:58:10 +01:00
Bob Mottram 1b349bbd53 Allow some uptime before reporting gnusocial/postactiv daemon restart 2018-05-13 10:14:13 +01:00
Bob Mottram 924577a6f2 Prevent usb canary from being activated during upgrades 2018-05-13 09:53:00 +01:00
Bob Mottram 551ff38736 Increase uptime threshold for USB canary 2018-05-13 09:47:31 +01:00
Bob Mottram 8dd130839e Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-12 22:13:23 +01:00
Bob Mottram fe6f27c9d4 Fixing inadyn around using a wildcarded default domain name 2018-05-12 21:41:54 +01:00
Bob Mottram 5a24012929 Inadyn systemd daemon 2018-05-12 19:28:30 +01:00
Bob Mottram cb21669a63 Remove debug 2018-05-12 19:16:10 +01:00
Bob Mottram 1416af54a5 Change freedns provider name on inadyn upgrade 2018-05-12 19:10:46 +01:00
Bob Mottram df312b118e Also remove old inadyn repo during upgrade 2018-05-12 19:06:13 +01:00
Bob Mottram 838e7328a2 Also remove the inadyn repo from the configuration file 2018-05-12 19:01:53 +01:00
Bob Mottram e6683e0f1c Debug 2018-05-12 18:56:04 +01:00
Bob Mottram 5e82c6dd5d Typo 2018-05-12 18:51:32 +01:00
Bob Mottram 105c2a78e3 Remove commit if the old inadyn binary is found 2018-05-12 18:49:19 +01:00
Bob Mottram 0dbb5c0c6c Remove commit if the old inadyn binary is found 2018-05-12 18:48:01 +01:00
Bob Mottram e0ee4dc9f8 Configuration file 2018-05-12 18:41:07 +01:00
Bob Mottram 27a83a9286 Remove the inadyn commit from the completion file 2018-05-12 18:38:11 +01:00
Bob Mottram 285e7b453b Add debug 2018-05-12 18:32:19 +01:00
Bob Mottram 1de4feca45 Add debug 2018-05-12 18:29:50 +01:00
Bob Mottram 4ebdd8479e Add debug 2018-05-12 18:27:44 +01:00
Bob Mottram 45e1e83e63 Don't sync if upgrading inadyn repo 2018-05-12 18:25:30 +01:00
Bob Mottram a30f751b06 Remove old repo sooner 2018-05-12 18:23:35 +01:00
Bob Mottram 6e80322597 Remove old repo if it exists 2018-05-12 18:15:47 +01:00
Bob Mottram 758568200a Don't add inadyn to completion file 2018-05-12 18:04:41 +01:00
Bob Mottram 06b428e855 Only create inadyn config file if it doesn't exist 2018-05-12 18:03:35 +01:00
Bob Mottram f3e0653908 Installation of inadyn within images 2018-05-12 17:59:59 +01:00
Bob Mottram 295601f375 Upgrade inadyn 2018-05-12 17:53:21 +01:00
Bob Mottram ead7f41f3e Upgrade inadyn 2018-05-12 17:49:43 +01:00
Bob Mottram ff0ba8b806 Move to upgraded version of inadyn 2018-05-12 17:48:20 +01:00
Bob Mottram a3e6ce965c inadyn confile file variable 2018-05-12 13:30:47 +01:00
Bob Mottram ac0b5304e4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-12 13:25:22 +01:00
Bob Mottram bd7f8b4a91 Add inadyn username and password if they don't exist 2018-05-12 13:24:44 +01:00
Bob Mottram 112ff52ad3 Move function into dns utils 2018-05-12 12:20:29 +01:00
Bob Mottram 5ddf572037 Include dns utils 2018-05-12 12:19:37 +01:00
Bob Mottram 4c8756ad23 Re-append any aliases after changing dynamic dns provider 2018-05-12 12:17:56 +01:00
Bob Mottram 76fc730b00 sed syntax 2018-05-12 12:12:48 +01:00
Bob Mottram 9af6ffe895 Remove existing ddns provider when changing ddns settings 2018-05-12 12:10:08 +01:00
Bob Mottram a99c7200af Don't need to clear because nothing shown 2018-05-12 12:05:05 +01:00
Bob Mottram 12ba5d630e Dynamic dns doesn't apply on onion only installs 2018-05-12 12:04:02 +01:00
Bob Mottram cefb7e1a09 Add other ddns variables 2018-05-12 12:00:40 +01:00
Bob Mottram a1962c89d3 Move variable to start of file 2018-05-12 11:59:25 +01:00
Bob Mottram 998a98acb5 Change inadyn username and password 2018-05-12 11:58:07 +01:00
Bob Mottram 782d5567da Clear screen after setting ddns 2018-05-12 11:22:03 +01:00
Bob Mottram 3401badee7 Clear screen after setting ddns 2018-05-12 11:20:28 +01:00
Bob Mottram cb02501870 Read ddns variables after they are defined 2018-05-12 11:18:29 +01:00
Bob Mottram 44205567db Don't need vars 2018-05-12 11:15:15 +01:00
Bob Mottram 39a624a19a Don't need to save if nothing happens 2018-05-12 11:14:20 +01:00
Bob Mottram 97b25053bf Separate command to change dynamic dns settings 2018-05-12 11:11:57 +01:00
Bob Mottram 4bdd922522 Onion address for website 2018-05-12 10:48:14 +01:00
Bob Mottram 7dcfd40b72 Change title to make freedns explicit 2018-05-12 10:40:17 +01:00
Bob Mottram 7f91644044 quotes 2018-05-12 10:38:35 +01:00
Bob Mottram 55afa267e6 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-11 22:23:22 +01:00
Bob Mottram faa121a94e Tidy up the dynamic dns list, removing dead domains
google is also removed, because google
2018-05-11 22:21:19 +01:00
Bob Mottram 4ef9846dd4 3322.org appears to no longer exist 2018-05-11 22:07:31 +01:00
Bob Mottram 2ddec8b0f2 tzo.com appears to no longer exist 2018-05-11 22:04:28 +01:00
Bob Mottram 4b6ae8bde1 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-11 21:57:22 +01:00
Bob Mottram 2921a32cd7 Remove duckdns
Only supports logins with Twitter, Google, Facebook, etc
2018-05-11 21:56:43 +01:00
Bob Mottram f6857e3b3a Less width 2018-05-11 17:28:02 +01:00
Bob Mottram b97d1e1d58 Less width 2018-05-11 17:26:51 +01:00
Bob Mottram 2afc36c10c gpg public key 2018-05-11 17:24:03 +01:00
Bob Mottram 53938c9856 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-11 15:12:34 +01:00
Bob Mottram bf0b31aa7f Fix static analysis warnings 2018-05-11 15:11:01 +01:00
Bob Mottram 89be347596 Remove rocketchat and meteor
Meteor is genuinely hard to install and I don't regard curl | bash as an adequate or safe install method
2018-05-11 15:08:37 +01:00
Bob Mottram 3ffb909119 Check that rocketchat installs 2018-05-11 14:34:44 +01:00
Bob Mottram 68f89d655a Set some app flags 2018-05-11 13:51:23 +01:00
Bob Mottram 71c2059742 Some apps will not install on arm 2018-05-11 13:43:54 +01:00
Bob Mottram 5442dd106c Stop exim daemon when removing excess processes 2018-05-11 13:27:19 +01:00
Bob Mottram 5e9efd52bf Initial rocketchat app 2018-05-11 12:56:18 +01:00
Bob Mottram cbffa5b975 Include mongodb in template manpage 2018-05-11 11:03:50 +01:00
Bob Mottram 6d7cd198bb Template support for mongodb 2018-05-11 11:00:06 +01:00
Bob Mottram e34bca9eac Tidying 2018-05-10 21:01:00 +01:00
Bob Mottram d8de09c074 manpage got client command 2018-05-10 20:58:54 +01:00
Bob Mottram f8df659058 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-10 20:50:41 +01:00
Bob Mottram e3237fffad Monkeysphere is deprecated 2018-05-10 20:50:12 +01:00
Bob Mottram ca865e6ba1 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-10 20:37:39 +01:00
Bob Mottram 03e32c6de5 Comments 2018-05-10 20:37:16 +01:00
Bob Mottram e0e1dd7fb3 Continuous integration option 2018-05-10 20:07:33 +01:00
Bob Mottram fef7299fae Increase height of dialog 2018-05-10 18:27:28 +01:00
Bob Mottram 62022fb410 Describe bmx7 as experimental 2018-05-10 14:54:14 +01:00
Bob Mottram 30aeea80ba Add bmx7 to the routing selection 2018-05-10 14:37:16 +01:00
Bob Mottram 8def8ec0e1 Add bmx7 kernel modules 2018-05-10 13:58:10 +01:00
Bob Mottram 2cf96caf18 Comments 2018-05-10 12:39:18 +01:00
Bob Mottram 334f6aff94 Extra sync 2018-05-10 11:49:54 +01:00
Bob Mottram fac5859a3b Skip bad blocks when writing images 2018-05-10 11:43:46 +01:00
Bob Mottram 0949cad2d2 Continuous integration variable 2018-05-10 11:13:31 +01:00
Bob Mottram cc65eb1634 Re-enable bmx7 2018-05-10 10:18:06 +01:00
Bob Mottram b758b2f203 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-09 21:17:07 +01:00
Bob Mottram 6e578a8bb7 Comments 2018-05-09 21:16:31 +01:00
Bob Mottram 3e913e5887 Prevent mail processes from proliferating 2018-05-09 21:11:50 +01:00
Bob Mottram e79f2c9390 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-09 18:22:35 +01:00
Bob Mottram b6467fdea0 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-09 18:21:12 +01:00
Bob Mottram 4321770ee5 Invert logic 2018-05-09 17:41:37 +01:00
Bob Mottram fa49e53734 Don't list apps when there's not enough ram to install them 2018-05-09 17:38:17 +01:00
Bob Mottram fcb209d3a9 Tidying 2018-05-09 16:17:10 +01:00
Bob Mottram ddb9b7a353 Remove redundant function 2018-05-09 16:14:31 +01:00
Bob Mottram 992bde2f97 Index scope 2018-05-09 16:08:41 +01:00
Bob Mottram 352b259bbb Extra onion app checks 2018-05-09 15:43:45 +01:00
Bob Mottram a1a7e92d90 Avoid bad app sequence 2018-05-09 15:33:48 +01:00
Bob Mottram c98b2f2e00 Invert logic 2018-05-09 14:30:15 +01:00
Bob Mottram 1af2de4090 Some apps not installable on onion only version 2018-05-09 14:28:34 +01:00
Bob Mottram 1eaefd9c36 Disable gnusocial and postactiv on onion only installs
There are database problems possibly related to being primarily on an onion address
2018-05-09 13:08:53 +01:00
Bob Mottram 4321313922 Some extra kills when removing gnusocial/postactiv 2018-05-08 22:34:59 +01:00
Bob Mottram 7345b7b629 Revert 2018-05-08 21:13:17 +01:00
Bob Mottram 22132e1241 Try postactiv with different server name 2018-05-08 20:25:59 +01:00
Bob Mottram 519d3ee197 Starting gnusocial daemons 2018-05-08 18:58:16 +01:00
Bob Mottram 2d45c34f22 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-08 14:09:19 +01:00
Bob Mottram 4a5c9c8d55 Also show the key 2018-05-08 14:04:28 +01:00
Bob Mottram 863eca60fb Loop on the about screen 2018-05-08 14:02:43 +01:00
Bob Mottram 73fe5d686b Too many onions 2018-05-08 13:59:40 +01:00
Bob Mottram ddfd249c82 Index 2018-05-08 13:58:11 +01:00
Bob Mottram 99cf8b4419 Better detection of onion address 2018-05-08 13:56:52 +01:00
Bob Mottram 1cce575ccd double 2018-05-08 13:48:12 +01:00
Bob Mottram 6d66aacf2e Extracting the onion address from about array 2018-05-08 13:45:18 +01:00
Bob Mottram f2c9325b9b Show QR code for selected about screen entries on control panel 2018-05-08 13:29:38 +01:00
Bob Mottram 7806870ca9 Show public key as a qrcode 2018-05-08 10:28:08 +01:00
Bob Mottram 20f4d14373 password 2018-05-07 19:01:45 +01:00
Bob Mottram 0537f73da0 Option to run the build script as root 2018-05-07 18:59:19 +01:00
Bob Mottram 2c1cb79323 Continuous integration documentation 2018-05-07 18:46:31 +01:00
Bob Mottram bbc0bc9910 Tidying 2018-05-07 18:29:24 +01:00
Bob Mottram df942c46ce Invert logic 2018-05-07 17:34:54 +01:00
Bob Mottram 0c20a62fdd Combine xz command into a single line 2018-05-07 16:49:17 +01:00
Bob Mottram c9dbf860fc fix chown 2018-05-07 15:40:12 +01:00
Bob Mottram b7e2eb4b43 makefile condition 2018-05-07 15:36:40 +01:00
Bob Mottram ad70f564ba then 2018-05-07 15:31:43 +01:00
Bob Mottram 7b00e3f2d1 Tidying 2018-05-07 15:25:41 +01:00
Bob Mottram e29bcb7e4a manpage update 2018-05-07 15:15:20 +01:00
Bob Mottram dfc1272cb3 Continuous integration build option 2018-05-07 15:09:59 +01:00
Bob Mottram 9d17c789ba No echo 2018-05-06 18:50:11 +01:00
Bob Mottram e6f04a7f60 Improve mesh firewall to block common bad guys 2018-05-06 13:01:48 +01:00
Bob Mottram 54a6af6963 Add mozilla telemetry to recommended blocked domains 2018-05-06 12:53:44 +01:00
Bob Mottram 743cd8dd32 quiet 2018-05-06 12:47:50 +01:00
Bob Mottram c8fe0145a1 Additional firefox telemetry blocking 2018-05-06 12:46:47 +01:00
Bob Mottram fa3726b5f9 Tidying 2018-05-06 10:47:46 +01:00
Bob Mottram 9f91551bc6 Tests directory 2018-05-06 10:46:12 +01:00
Bob Mottram 5c0c70b296 hints 2018-05-06 10:41:34 +01:00
Bob Mottram 719b813157 Two separate conditions 2018-05-06 10:33:53 +01:00
Bob Mottram cde6df9dcc style 2018-05-06 10:29:23 +01:00
Bob Mottram 64060a4a10 Check that openssh client and server are installed 2018-05-06 10:20:53 +01:00
Bob Mottram 31dd378f6f Block firefox telemetry on mesh 2018-05-05 16:11:50 +01:00
Bob Mottram 89e1f99244 Make variable accessible 2018-05-05 15:48:51 +01:00
Bob Mottram 95453f8205 Block firefox telemetry 2018-05-05 15:48:12 +01:00
Bob Mottram 0b015cf2ce Bump pleroma commit 2018-05-04 22:21:03 +01:00
Bob Mottram 5e8046f637 Handle different tor health statuses 2018-05-04 15:32:18 +01:00
Bob Mottram dc73d01410 Avoid repeated emails on tor failure 2018-05-04 15:12:43 +01:00
Bob Mottram 59af1821b9 Avoid repeated tor health warnings 2018-05-04 15:06:35 +01:00
Bob Mottram d3869f5350 cron entry to check tor health and report via email 2018-05-04 14:49:15 +01:00
Bob Mottram 96540317a7 Command to show Tor health status 2018-05-04 13:51:00 +01:00
Bob Mottram 9f4a2ac224 Retain logging for tor so that we can monitor its health 2018-05-04 12:47:51 +01:00
Bob Mottram cecd4d876c Retain logging for tor so that we can monitor its health 2018-05-04 12:46:00 +01:00
Bob Mottram f2be32cb12 Re-establish proxy setting when tor is disabled 2018-05-04 11:36:19 +01:00
Bob Mottram a63785a9ca Pleroma option to disable routing through tor 2018-05-04 10:52:53 +01:00
Bob Mottram dcee3075c4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-02 11:23:26 +01:00
Bob Mottram c6fd0d43c8 Project name 2018-05-02 11:22:36 +01:00
Bob Mottram ac43e249f4 Add links 2018-05-02 10:48:46 +01:00
Bob Mottram 08994699bb Data protection advice in faq 2018-05-02 10:43:42 +01:00
Bob Mottram 6791362368 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-05-01 16:23:43 +01:00
Bob Mottram cc1b4c1c6f quotes 2018-05-01 16:22:19 +01:00
Bob Mottram 569410b9cc quotes 2018-05-01 16:19:40 +01:00
Bob Mottram 6b54de1c35 Allow variable 2018-05-01 16:18:06 +01:00
Bob Mottram 27bbfb0922 quotes 2018-05-01 16:16:01 +01:00
Bob Mottram 4a8ac66841 quotes 2018-05-01 16:15:06 +01:00
Bob Mottram b6a7f9e370 quotes 2018-05-01 16:13:57 +01:00
Bob Mottram 704a14b488 Bump pleroma commit 2018-04-29 21:38:06 +01:00
Bob Mottram b86b527882 reject not removal 2018-04-25 15:21:49 +01:00
Bob Mottram 8ce9118af2 Preceding spaces 2018-04-25 15:17:06 +01:00
Bob Mottram e7c9a2626c quotes 2018-04-25 15:12:27 +01:00
Bob Mottram d9e713bc51 Regenerate blocklist script 2018-04-25 15:07:52 +01:00
Bob Mottram 5c656e0c16 Updating pleroma filtering scripts 2018-04-25 15:05:23 +01:00
Bob Mottram b535fb9b97 Add pleroma filtering config during upgrades 2018-04-25 14:42:54 +01:00
Bob Mottram 7f4f4f2c84 Add filtering config to pleroma 2018-04-25 14:42:09 +01:00
Bob Mottram 9a441ec4dc e2e warning message 2018-04-25 13:12:37 +01:00
Bob Mottram 7f8e1d20ec Use filename variable 2018-04-25 12:57:55 +01:00
Bob Mottram 4e4bb0e47e Update xmpp e2e policy 2018-04-25 12:55:35 +01:00
Bob Mottram 85098a88af xmpp e2e policy 2018-04-25 10:04:02 +01:00
Bob Mottram 52f8dd77c4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-24 18:26:09 +01:00
Bob Mottram 695401ebda Tidying 2018-04-24 18:25:40 +01:00
Bob Mottram d887ed4631 Tidying 2018-04-24 18:24:39 +01:00
Bob Mottram a8fb9cfea4 Width of image 2018-04-24 18:17:32 +01:00
Bob Mottram b61d81ece3 Change about screen image 2018-04-24 18:14:51 +01:00
Bob Mottram 3b5a27f8fd Lower case 2018-04-24 17:52:52 +01:00
Bob Mottram de8ea8bae1 Lower case 2018-04-24 17:51:35 +01:00
Bob Mottram ce35f1f2b8 Tidying 2018-04-24 17:51:08 +01:00
Bob Mottram e0298d0cab Show ssh keys on about 2018-04-24 17:49:31 +01:00
Bob Mottram d870efe505 Remove html from mobile documentation 2018-04-24 16:30:02 +01:00
Bob Mottram 420e28edf9 v2 onion address for searx 2018-04-24 09:55:55 +01:00
Bob Mottram 07ecebe276 Bump pleroma commit 2018-04-23 18:27:16 +01:00
Bob Mottram a6b4cede0a Move location of onion routing setup for pleroma 2018-04-23 13:03:43 +01:00
Bob Mottram 8282871ffb socks5 proxy for pleroma 2018-04-23 12:35:36 +01:00
Bob Mottram a76e5b0424 Remove proxy entry from main pleroma config 2018-04-23 11:34:58 +01:00
Bob Mottram adcfed0555 Remove proxy entry from main pleroma config 2018-04-23 11:33:02 +01:00
Bob Mottram 21d54bc219 Retain chat status during pleroma upgrades 2018-04-23 11:23:22 +01:00
Bob Mottram 201de6a3e6 Attempt tor proxy with pleroma 2018-04-23 11:08:32 +01:00
Bob Mottram 42d48a4f63 Bump pleroma commit 2018-04-23 10:50:46 +01:00
Bob Mottram 7f15c467f3 Indentation 2018-04-22 18:40:13 +01:00
Bob Mottram ac078c1b2d searx port 2018-04-22 18:34:53 +01:00
Bob Mottram 733fd67af9 Wording 2018-04-22 17:22:59 +01:00
Bob Mottram a5b82b253c Capital 2018-04-22 17:20:54 +01:00
Bob Mottram 6033eceda3 Link 2018-04-22 17:19:29 +01:00
Bob Mottram 56cf282737 faq entry for booting from external drive 2018-04-22 17:17:07 +01:00
Bob Mottram a5dc1a3973 Update manpage for external drives 2018-04-22 17:08:54 +01:00
Bob Mottram 26b7ece1a3 Drive logic when testing performance 2018-04-22 16:13:28 +01:00
Bob Mottram 9a88f71564 External drive option 2018-04-22 14:29:49 +01:00
Bob Mottram 1fad6ac395 Change image name if booting from sata 2018-04-22 12:51:14 +01:00
Bob Mottram 1c5e3f4ee8 Update manpage for booting from sata 2018-04-22 12:48:51 +01:00
Bob Mottram 8b4ada33d3 Enable booting from sata on A20 boards 2018-04-22 12:44:17 +01:00
Bob Mottram 110c2a33e4 clear sequence 2018-04-22 11:59:26 +01:00
Bob Mottram 38c0fc7673 Check for drive using ls 2018-04-22 11:35:46 +01:00
Bob Mottram b2542e385c microsd device name for performance check 2018-04-22 11:27:25 +01:00
Bob Mottram f928af7197 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-22 10:33:05 +01:00
Bob Mottram da21f3887e The podcasts system via ssb doesn't work yet
It might be fun to try icecast instead
2018-04-22 10:32:26 +01:00
Bob Mottram 02ac3a1a2d Tidying rsyslog 2018-04-21 20:57:36 +01:00
Bob Mottram d01654f9e8 Report cached and buffered read speeds 2018-04-21 19:40:20 +01:00
Bob Mottram f1a541cde8 Wording 2018-04-21 19:15:24 +01:00
Bob Mottram 267bb7036f Install benchmarking command if needed 2018-04-21 19:14:13 +01:00
Bob Mottram b7bbcea189 Don't need newline 2018-04-21 19:12:15 +01:00
Bob Mottram 8b44ee274a Performance benchmarks option on control panel 2018-04-21 19:10:32 +01:00
Bob Mottram f33d4f17de Install hdparm for benchmarks 2018-04-21 18:33:28 +01:00
Bob Mottram 5757275d81 Tidying 2018-04-21 18:31:26 +01:00
Bob Mottram 6bb05249cc microsd benchmarks 2018-04-21 17:22:21 +01:00
Bob Mottram da6909b3b5 Increase to 32M block writes 2018-04-21 15:00:57 +01:00
Bob Mottram f0186a7aa4 Microsd card recommendations 2018-04-21 14:46:36 +01:00
Bob Mottram 968319ded3 microsd card optimisation daemon 2018-04-21 14:05:44 +01:00
Bob Mottram 572076dffa Set read ahead cache for better microSD read performance 2018-04-21 12:56:58 +01:00
Bob Mottram cafac595d5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-21 12:29:59 +01:00
Bob Mottram 66fa2a0ff8 Reduce logo width 2018-04-21 12:29:38 +01:00
Bob Mottram d8a267f223 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-21 12:24:49 +01:00
Bob Mottram b4c8c71e2c Local links 2018-04-21 12:24:20 +01:00
Bob Mottram 33ef111d43 link to fdl 2018-04-21 12:06:01 +01:00
Bob Mottram 629cd56d43 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-21 12:02:03 +01:00
Bob Mottram 83e64d8704 Update readme 2018-04-21 12:00:49 +01:00
Bob Mottram 969ded313e Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-21 09:50:29 +01:00
Bob Mottram ae6f5e1c37 tox upgrades 2018-04-20 20:44:57 +01:00
Bob Mottram 1308cf69ac Fix toxcore installation 2018-04-20 20:41:41 +01:00
Bob Mottram 15d71bafb9 Extra toxic compile options 2018-04-20 19:40:41 +01:00
Bob Mottram c237bfb8c5 condition 2018-04-20 19:24:43 +01:00
Bob Mottram a086e8768b Enable or disable toxic desktop notify 2018-04-20 19:23:50 +01:00
Bob Mottram 1187c51c2b libalut needed by toxic 2018-04-20 19:17:48 +01:00
Bob Mottram bba4d55118 Second ncurses library for toxic 2018-04-20 19:03:49 +01:00
Bob Mottram 61f30f8036 Toxic needs libpng 2018-04-20 17:23:00 +01:00
Bob Mottram af4755f2da Start seconds counter at start of function 2018-04-20 15:20:32 +01:00
Bob Mottram 47b848e0f1 Bump toxic commit 2018-04-20 14:27:41 +01:00
Bob Mottram d1680f2adc Update toxcore version to 0.2.2 2018-04-20 13:57:34 +01:00
Bob Mottram 07e91fa26c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-20 13:18:49 +01:00
Bob Mottram f56f58e422 Restart tor on migration failure 2018-04-20 13:16:58 +01:00
Bob Mottram 5b5050a708 Ensure that the tor config files remain active even if the original torrc was overwritten 2018-04-20 13:05:00 +01:00
Bob Mottram dce5921d5d Move tor logging control to its own file 2018-04-20 13:02:44 +01:00
Bob Mottram f3033b4d5c Move tor bridge definitions to their own file 2018-04-20 12:51:17 +01:00
Bob Mottram 48afc21624 Tidying 2018-04-20 12:38:59 +01:00
Bob Mottram 831d4487b9 Double backslash 2018-04-20 12:10:55 +01:00
Bob Mottram 88851408b9 Remove hidden service definitions from torrc 2018-04-20 11:47:23 +01:00
Bob Mottram 5e80ab9df4 Move dns settings to separate tor config file 2018-04-20 11:41:20 +01:00
Bob Mottram 62b5592b58 Use project name for tor file 2018-04-20 11:24:39 +01:00
Bob Mottram 05cb0bc4a0 Move tor services to new file 2018-04-20 11:16:05 +01:00
Bob Mottram 990edc125c Move tor services to new file 2018-04-20 11:08:36 +01:00
Bob Mottram 98c0b563f9 Migrate hidden service definitions from torrc to their own file
This should reduce problems during tor package upgrades
2018-04-20 10:45:53 +01:00
Bob Mottram 771d0573ae Tidying 2018-04-19 22:16:58 +01:00
Bob Mottram 21ecf61c13 extra syslog check 2018-04-19 11:43:11 +01:00
Bob Mottram 54f4a246ed Move postgresql logging functions 2018-04-19 11:39:26 +01:00
Bob Mottram f2654245aa Remove postgresql log files 2018-04-19 11:28:11 +01:00
Bob Mottram be74c3040a Turn off postgresql logging 2018-04-19 11:07:11 +01:00
Bob Mottram b33deeb016 Turn off kernel logging 2018-04-19 10:41:26 +01:00
Bob Mottram 541bb3d699 Remove syslog files when turning off logging 2018-04-19 10:34:11 +01:00
Bob Mottram 869aba1181 Initial pleroma user account 2018-04-18 15:49:15 +01:00
Bob Mottram 33c9bbe991 Merge branch 'master' of https://github.com/bashrc/freedombone 2018-04-18 15:43:45 +01:00
Bob Mottram cd8e01922c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-18 15:41:40 +01:00
Bob Mottram 9b2ac0e151 No http2 on onion pleroma site 2018-04-18 15:37:14 +01:00
Bob Mottram 868fa70484 Also install hex as root user 2018-04-18 14:15:35 +01:00
Bob Mottram b221f8cfa3 Backslash 2018-04-18 14:08:30 +01:00
Bob Mottram 9d29832a6e Dialog height 2018-04-18 11:22:49 +01:00
Bob Mottram 54cf419ff5 Dialog height 2018-04-18 11:22:06 +01:00
Bob Mottram bd7b2d2283 Reverse logic 2018-04-18 11:21:01 +01:00
Bob Mottram 6fb77ea5eb Dialog height 2018-04-18 11:19:17 +01:00
Bob Mottram 2b8eddba2f pleroma chat can be enabled or disabled from the control panel 2018-04-18 11:18:47 +01:00
Bob Mottram f547bc4540 Check that directories exist 2018-04-18 10:40:34 +01:00
Bob Mottram 3ef6dce626 Bump pleroma commit 2018-04-18 10:30:19 +01:00
Bob Mottram ae687fc57e Back to previous n version 2018-04-18 09:54:43 +01:00
Bob Mottram 731579c117 No slash 2018-04-17 10:38:47 +01:00
Bob Mottram 6b2de7165f Adding and removing pleroma users noninteractively 2018-04-17 10:30:57 +01:00
Bob Mottram 3bcad80f38 Don't install scuttlebot on mesh nodes 2018-04-16 13:49:15 +01:00
Bob Mottram 2fbbe064db Don't need nodejs on mesh nodes 2018-04-16 13:03:45 +01:00
Bob Mottram e189f3b930 Add date of release 2018-04-15 19:01:35 +01:00
Bob Mottram c78994abb5 New release link 2018-04-15 19:00:25 +01:00
Bob Mottram 480fae38bc Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-15 18:49:09 +01:00
Bob Mottram 8161704e10 Switch image links to 3.1 2018-04-15 18:27:48 +01:00
Bob Mottram c02e6b6479 Switch image links to 3.1 2018-04-15 18:27:05 +01:00
Bob Mottram ca581cf141 Wording 2018-04-15 17:07:10 +01:00
Bob Mottram 964c2c9c83 link 2018-04-15 17:04:45 +01:00
Bob Mottram ab354f8408 Extra commands 2018-04-15 16:31:10 +01:00
Bob Mottram acf91d5a31 blurb 2018-04-15 14:16:18 +01:00
Bob Mottram b061d326d3 Mention onion only images 2018-04-15 12:25:56 +01:00
Bob Mottram e429663435 Create directory if needed 2018-04-15 12:10:55 +01:00
Bob Mottram ad964baf77 LibreMesh link 2018-04-15 11:22:37 +01:00
Bob Mottram ec81491387 Link back to the main page 2018-04-15 11:20:50 +01:00
Bob Mottram daf3f3ffd9 Remove image 2018-04-15 11:12:00 +01:00
Bob Mottram e6fff604d9 Conventional header 2018-04-15 11:11:26 +01:00
Bob Mottram 9b1d0f3a63 Font size 2018-04-15 11:05:07 +01:00
Bob Mottram 2c10fbb8d2 Font size 2018-04-15 10:40:07 +01:00
Bob Mottram 870a3ca463 Font details 2018-04-15 10:38:04 +01:00
Bob Mottram a747cbc2b0 Font details 2018-04-15 10:36:51 +01:00
Bob Mottram 533ed0e271 Right aligned 2018-04-15 10:32:38 +01:00
Bob Mottram b0de094103 Header style 2018-04-15 10:30:41 +01:00
Bob Mottram 4216083775 Header style 2018-04-15 10:28:47 +01:00
Bob Mottram 81ecf85707 Link to email 2018-04-15 10:26:39 +01:00
Bob Mottram 28d044731b Notes about onion email addresses 2018-04-15 10:22:23 +01:00
Bob Mottram 943bf8a2e7 Remove pleroma logo 2018-04-14 22:27:08 +01:00
Bob Mottram c5a93ce8ce Number colour 2018-04-14 22:24:07 +01:00
Bob Mottram f2e027effe Heading size 2018-04-14 22:19:03 +01:00
Bob Mottram 9d169b3602 release document test 2018-04-14 22:15:47 +01:00
Bob Mottram 2b140802cf version number 2018-04-14 19:52:42 +01:00
Bob Mottram 9c882a8fd4 bdsmail 2018-04-14 19:51:39 +01:00
Bob Mottram 14b76b6708 Beginning of release documentation 2018-04-14 19:42:35 +01:00
Bob Mottram 765284d9e1 Bump pleroma commit 2018-04-14 18:27:02 +01:00
Bob Mottram 68dcef2a26 faq footer 2018-04-14 15:14:58 +01:00
Bob Mottram aa86705e80 Note about network restart on mesh 2018-04-14 15:13:16 +01:00
Bob Mottram 22a64f389c Documentation for port scanning 2018-04-14 14:16:40 +01:00
Bob Mottram ff31ff6961 Mitigate port scanning 2018-04-14 13:23:34 +01:00
Bob Mottram 4cad482b5f Check bmx7 was installed 2018-04-14 11:04:56 +01:00
Bob Mottram c8a0e38f3a Check bmx7 was installed 2018-04-14 11:02:36 +01:00
Bob Mottram 12c0eed38b re-enable git-ssb setup with paths 2018-04-13 20:59:37 +01:00
Bob Mottram 306766000b Update mesh initial login image 2018-04-13 20:36:55 +01:00
Bob Mottram b5e3659ead Comment out for now 2018-04-13 18:10:21 +01:00
Bob Mottram 3c342619d5 lib directory 2018-04-13 17:38:40 +01:00
Bob Mottram 30eca6b2ad modules paths 2018-04-13 16:26:26 +01:00
Bob Mottram 3f16b9b3de Use new global modules directory for scuttlebot 2018-04-13 15:24:07 +01:00
Bob Mottram 0ce090ab8b exports before installing git-ssb 2018-04-13 14:43:17 +01:00
Bob Mottram d292fdf9e3 Don't install bmx7 2018-04-13 14:14:53 +01:00
Bob Mottram 78d67f6019 Ensure scuttlebot ownership of the directory 2018-04-13 13:30:40 +01:00
Bob Mottram 12c690abd5 Don't try to install global packages as a local user 2018-04-13 13:07:33 +01:00
Bob Mottram 93801c7331 exit 2018-04-13 12:36:29 +01:00
Bob Mottram 6aefd00751 Don't install scuttlebot as root 2018-04-13 12:35:48 +01:00
Bob Mottram c66933077f Leave out scuttlebot 2018-04-13 11:40:20 +01:00
Bob Mottram 561fd38b7a exports before scuttlebot install 2018-04-13 11:16:49 +01:00
Bob Mottram a67fc56d8c Try permissions option 2018-04-12 22:51:03 +01:00
Bob Mottram 1f6546d464 ownership of npm 2018-04-12 21:27:29 +01:00
Bob Mottram b3f4ebe2ae Tidying 2018-04-12 21:17:37 +01:00
Bob Mottram c4b952a45e Install socks 2018-04-12 20:59:10 +01:00
Bob Mottram 0a8147e8c3 Remove cacache 2018-04-12 20:41:03 +01:00
Bob Mottram 96e5e1f85d Setup global npm before installing patchwork on mesh 2018-04-12 20:37:43 +01:00
Bob Mottram 70d768371d Setup npm on mesh 2018-04-12 20:19:03 +01:00
Bob Mottram b13d431627 Scuttlebot version 2018-04-12 19:48:56 +01:00
Bob Mottram ea37577009 file link 2018-04-12 18:26:01 +01:00
Bob Mottram 6fc94e2019 file link 2018-04-12 18:22:38 +01:00
Bob Mottram 90344acbef Include documentation license 2018-04-12 18:20:09 +01:00
Bob Mottram 0d36c9c4fe Usage page no longer used 2018-04-12 18:06:09 +01:00
Bob Mottram e7bf8f59a4 gfdl footers 2018-04-12 18:05:18 +01:00
Bob Mottram fa65bdfdb4 gfdl footers 2018-04-12 17:33:16 +01:00
Bob Mottram 797b2a3a35 curl silent mode 2018-04-12 15:24:24 +01:00
Bob Mottram 2a53814aed External IP lookup 2018-04-12 15:21:25 +01:00
Bob Mottram 806a7bbf62 GFDL footers 2018-04-12 14:52:12 +01:00
Bob Mottram ec828b71f8 Controlpanel document not actually used 2018-04-12 14:45:48 +01:00
Bob Mottram ce6e313d56 Update tags 2018-04-12 14:29:55 +01:00
Bob Mottram c54077c54d control panel image 2018-04-12 14:26:50 +01:00
Bob Mottram 92e8fcd418 Initial mesh image 2018-04-12 13:59:21 +01:00
Bob Mottram a1e13ec3c0 Update document formatting 2018-04-12 13:34:44 +01:00
Bob Mottram 65c6de6e4b Update document formatting 2018-04-12 13:33:09 +01:00
Bob Mottram 0126fe2baa New formatting on images 2018-04-12 13:03:24 +01:00
Bob Mottram 53b883d895 New formatting on images 2018-04-12 13:01:49 +01:00
Bob Mottram fa566271b9 Image widths 2018-04-12 11:59:15 +01:00
Bob Mottram dce243258f title 2018-04-12 11:55:48 +01:00
Bob Mottram 6ccd422ffb Heading 2018-04-12 11:27:24 +01:00
Bob Mottram 8c7d42d7c8 Reformatting images 2018-04-12 11:17:56 +01:00
Bob Mottram fac14ca960 No fixed width in css 2018-04-12 11:09:16 +01:00
Bob Mottram 346fcb583b More formatting 2018-04-12 11:02:33 +01:00
Bob Mottram 6a15de357d comma 2018-04-12 10:50:00 +01:00
Bob Mottram 403ef7991d Width only 2018-04-12 10:48:02 +01:00
Bob Mottram 828b2f52f5 No center 2018-04-12 10:45:13 +01:00
Bob Mottram 948d17efc9 More attributes 2018-04-12 10:41:19 +01:00
Bob Mottram f44ce286fb More attributes 2018-04-12 10:39:10 +01:00
Bob Mottram b2d9525398 icon attributes 2018-04-12 10:36:39 +01:00
Bob Mottram dc9ceed9fb Replace text with icons 2018-04-12 10:24:31 +01:00
Bob Mottram d57f5d3431 Link to blog 2018-04-11 22:06:24 +01:00
Bob Mottram 754951684e Wording 2018-04-11 20:50:32 +01:00
Bob Mottram d4ed63f4dd No header 2018-04-11 20:37:18 +01:00
Bob Mottram 01e07b3d04 Wording 2018-04-11 20:34:28 +01:00
Bob Mottram 8c02024963 Changing index page for increased brevity
Try to keep things as concise as possible
2018-04-11 20:32:21 +01:00
Bob Mottram 7b604c044c Retire the quote 2018-04-11 19:53:02 +01:00
Bob Mottram 8ddae592fa Remove image 2018-04-11 19:49:41 +01:00
Bob Mottram d65ba2b9cd Test new logo 2018-04-11 19:46:58 +01:00
Bob Mottram 3b66645653 Adding user within template 2018-04-11 13:56:24 +01:00
Bob Mottram dd9cef862e Dialog dimensions 2018-04-10 11:03:17 +01:00
Bob Mottram 0d3a3c5b88 Dialog dimensions 2018-04-10 11:01:49 +01:00
Bob Mottram d1f1328a12 Configure dat bootstrap servers 2018-04-10 10:37:50 +01:00
Bob Mottram 33ae6d4444 Since the bootstrap file is small, just generate it directly 2018-04-10 10:24:59 +01:00
Bob Mottram 0dcf17b375 Possibility for alternative dat bootstrap servers 2018-04-10 10:10:56 +01:00
Bob Mottram 55886e37e3 Comments 2018-04-09 23:39:53 +01:00
Bob Mottram 5866656ae2 Comments 2018-04-09 23:14:34 +01:00
Bob Mottram 75a55936fa Firewall for dat 2018-04-09 20:13:00 +01:00
Bob Mottram a928d89c3e Try with lil-pids 2018-04-09 18:03:35 +01:00
Bob Mottram e103ca5333 Reduce dialog height 2018-04-09 17:28:15 +01:00
Bob Mottram b9746c41c1 Edit from dat directory 2018-04-09 17:23:14 +01:00
Bob Mottram 13c7f604e9 New menu style 2018-04-09 17:06:50 +01:00
Bob Mottram ff088f16d2 Password calls not needed 2018-04-09 17:03:05 +01:00
Bob Mottram c749cd49b7 tidying 2018-04-09 16:57:24 +01:00
Bob Mottram ec6fb3a313 Remove script 2018-04-09 16:56:20 +01:00
Bob Mottram c998564b70 Local install of datserver 2018-04-09 16:31:35 +01:00
Bob Mottram 8b8d3b5b96 Creation of user account for datserver 2018-04-09 14:40:54 +01:00
Bob Mottram 842d72b0ad Also remove lil-pids 2018-04-09 14:34:36 +01:00
Bob Mottram aca9aed871 Set lil-pids version 2018-04-09 14:33:50 +01:00
Bob Mottram 12f591091d Updating to use hypercored 2018-04-09 14:30:27 +01:00
Bob Mottram 8ef9be1a6e Add hypercored 2018-04-09 13:58:30 +01:00
Bob Mottram dace6d3f48 create datserver directory 2018-04-09 13:38:26 +01:00
Bob Mottram b200d55769 dat server app 2018-04-09 13:32:43 +01:00
Bob Mottram ab63f891ba Set domain if this is a web app 2018-04-08 18:06:37 +01:00
Bob Mottram 57ab82d129 Domain check only needed if app has web ui 2018-04-08 18:02:09 +01:00
Bob Mottram b8d3f08437 Indentation 2018-04-08 18:00:50 +01:00
Bob Mottram 2b95fb89c3 quotes 2018-04-08 17:57:09 +01:00
Bob Mottram 06336167a3 Suspend and resume for restore functions within template 2018-04-08 17:45:31 +01:00
Bob Mottram 49a4b445f7 Don't look for domain if this is not a web app 2018-04-08 17:35:21 +01:00
Bob Mottram 85cbecbc45 web dependent 2018-04-08 17:32:24 +01:00
Bob Mottram 3942cd7c4d Remove node apps after stopping daemon 2018-04-08 17:31:45 +01:00
Bob Mottram 0e7efa7766 Remove node app in template 2018-04-08 17:22:37 +01:00
Bob Mottram d7780f284d Handling nodejs within templates 2018-04-08 17:00:20 +01:00
Bob Mottram 26d5dbfa60 Daemon echoes without break 2018-04-08 16:00:16 +01:00
Bob Mottram 36329ee5b2 Document daemon within template 2018-04-08 15:58:02 +01:00
Bob Mottram 2f379cdb67 Template changed for handling no web UI apps 2018-04-08 15:56:54 +01:00
Bob Mottram 466b5c023e Indentation 2018-04-08 15:27:23 +01:00
Bob Mottram 57691049ab Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-08 14:23:54 +01:00
Bob Mottram 16f549bed2 local domain name for avahi 2018-04-08 14:23:26 +01:00
Bob Mottram d506ba3e05 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-08 13:56:02 +01:00
Bob Mottram 5020947c7d Inappropriate quotes 2018-04-08 13:55:13 +01:00
Bob Mottram 149899bdc9 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-08 13:31:13 +01:00
Bob Mottram 5fe5bbf706 Update header logos 2018-04-08 13:30:21 +01:00
Bob Mottram 1be51d8c3c Specify node package to install within template 2018-04-08 12:30:45 +01:00
Bob Mottram 6ca08eefab manpage for templates without a web ui 2018-04-08 12:27:20 +01:00
Bob Mottram f5825cc2d6 Template for apps without a web ui 2018-04-08 12:00:45 +01:00
Bob Mottram f125123fb4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-07 22:27:36 +01:00
Bob Mottram fb0aa4fba2 Mark nodejs as installed within image 2018-04-07 22:25:49 +01:00
Bob Mottram a09bb9bebd project name 2018-04-07 22:18:47 +01:00
Bob Mottram 100b2a5ead Set golang version when creating image 2018-04-07 22:17:56 +01:00
Bob Mottram 30af6b69a7 pleroma_secret config file defined in one place 2018-04-07 21:46:48 +01:00
Bob Mottram 3420e71e81 securrity settings submenu 2018-04-07 20:51:52 +01:00
Bob Mottram d3057a6db3 Change ownership if file exists 2018-04-07 18:40:48 +01:00
Bob Mottram d1535c71ea Some extra safety checks when appending to crontab 2018-04-07 18:39:54 +01:00
Bob Mottram 6e65880756 Read username 2018-04-07 14:15:53 +01:00
Bob Mottram e9c901fdac Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-07 14:00:25 +01:00
Bob Mottram 0615969c87 Show QR codes separately so that it looks better on small netbook-like screens 2018-04-07 13:58:15 +01:00
Bob Mottram 801e14529d Invert logic 2018-04-07 13:22:26 +01:00
Bob Mottram 32ff0f683c bdsmail address 2018-04-07 13:20:51 +01:00
Bob Mottram 7f23b21f5d Tidying 2018-04-07 13:18:00 +01:00
Bob Mottram 60b4b077d8 Show onion email address as QR code on user control panel 2018-04-07 11:35:48 +01:00
Bob Mottram 43133492dd Tidying 2018-04-07 11:07:47 +01:00
Bob Mottram 206a87ca59 Tidying 2018-04-07 11:06:12 +01:00
Bob Mottram a9c16b9986 Show onion email address on user control panel 2018-04-07 11:05:26 +01:00
Bob Mottram b9cb250613 Bump pleroma commit 2018-04-06 19:09:59 +01:00
Bob Mottram ab87fc0178 syntax 2018-04-06 18:39:35 +01:00
Bob Mottram 3ebbfe0ebb Don't automatically pgp encrypt email on onion only systems 2018-04-06 15:05:18 +01:00
Bob Mottram dbbe101584 Email router sequence for onion domains 2018-04-06 13:21:54 +01:00
Bob Mottram c623ddae3c Don't reject onion domains 2018-04-06 12:35:59 +01:00
Bob Mottram 9372006289 Extra onion relay settings 2018-04-05 21:13:24 +01:00
Bob Mottram 1d354614ca tidying 2018-04-05 20:56:07 +01:00
Bob Mottram 970238c255 cryptify email message ID 2018-04-05 19:43:37 +01:00
Bob Mottram 42d9bb3c15 Remove user agent from email header 2018-04-05 19:33:31 +01:00
Bob Mottram d2672e31a8 Set mailname for onion only installs 2018-04-05 17:46:22 +01:00
Bob Mottram c855eb244f More width 2018-04-05 17:12:47 +01:00
Bob Mottram 8e097d36bb Width of dialog 2018-04-05 17:09:21 +01:00
Bob Mottram 63664097d6 Punctuation 2018-04-05 13:23:57 +01:00
Bob Mottram 9ee31716b6 Basic instructions in user terminal 2018-04-05 13:21:31 +01:00
Bob Mottram 16cf1653f2 Show the motd when exiting to the commandline from user control panel 2018-04-05 13:12:21 +01:00
Bob Mottram f30471a0ab Don't show hostname when logged in as user
This avoids the problem when long onion addresses are the hostname
2018-04-05 13:10:21 +01:00
Bob Mottram 89e2c97a28 Add onion domain to hosts 2018-04-05 12:33:18 +01:00
Bob Mottram 0241abd55b Set the email onion domain as hostname on onion only installs 2018-04-04 18:47:47 +01:00
Bob Mottram 0f882192b4 Correct email name on onion only images 2018-04-04 18:17:46 +01:00
Bob Mottram 21468a0547 Installing tor from backports 2018-04-04 18:02:34 +01:00
Bob Mottram 8ee6075366 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-04-04 15:46:40 +01:00
Bob Mottram f553e502ec Configuration title 2018-04-04 15:46:10 +01:00
Bob Mottram 6ac012fac9 menu height 2018-04-04 15:44:19 +01:00
Bob Mottram 17a2a66e0b Menu style during installation steps 2018-04-04 15:43:24 +01:00
Bob Mottram 07752211e3 Also install dat 2018-04-04 14:07:14 +01:00
Bob Mottram 5c07267254 ssb tor integration 2018-04-04 14:03:49 +01:00
Bob Mottram 1e1134ffd3 xmpp configuration menu style 2018-04-04 13:20:20 +01:00
Bob Mottram 6fd1d1a5ed vpn configuration menu style 2018-04-04 13:18:45 +01:00
Bob Mottram 054f5a1d16 tahoelafs configuration menu style 2018-04-04 13:16:41 +01:00
Bob Mottram aebb250cb7 searx configuration menu style 2018-04-04 13:14:35 +01:00
Bob Mottram 85b7fbdecd scuttlebot configuration menu style 2018-04-04 13:13:09 +01:00
Bob Mottram d48edfc5f5 keyserver configuration menu style 2018-04-04 13:09:50 +01:00
Bob Mottram 7f027206e6 etherpad configuration menu style 2018-04-04 13:08:03 +01:00
Bob Mottram 5c410c4b34 dlna configuration menu style 2018-04-04 13:04:43 +01:00
Bob Mottram 55906ffcd6 icecast configuration menu style 2018-04-04 13:03:03 +01:00
Bob Mottram caf8fa57e8 irc configuration menu style 2018-04-04 13:00:11 +01:00
Bob Mottram 383619b029 koel configuration menu style 2018-04-04 12:50:32 +01:00
Bob Mottram 4f87aedfd6 Update array within loop to show changed months 2018-04-04 12:48:02 +01:00
Bob Mottram 5deca1d6a1 pleroma configuration menu style 2018-04-04 12:46:55 +01:00
Bob Mottram e47bf36beb postactiv configuration menu style 2018-04-04 12:44:11 +01:00
Bob Mottram 70ef18780a gnusocial configuration menu style 2018-04-04 12:42:18 +01:00
Bob Mottram 54ec3b2dda Friendica configuration menu style 2018-04-04 12:40:11 +01:00
Bob Mottram 0b6489bc45 Hubzilla configuration menu style 2018-04-04 12:38:17 +01:00
Bob Mottram 2cbcf7b143 Edith configuration menu style 2018-04-04 12:33:00 +01:00
Bob Mottram cfa652cbff Height 2018-04-04 12:29:32 +01:00
Bob Mottram 56825ad323 peertube configuration menu style 2018-04-04 12:28:09 +01:00
Bob Mottram 5cfbb1dc10 Include ethernet so that wired meshes are possible 2018-04-04 12:24:35 +01:00
Bob Mottram 6833fa8410 wlan interfaces must be allowed within avahi, otherwise *.local will not resolve 2018-04-04 10:40:13 +01:00
Bob Mottram 272a7285bc ipv6 style urls 2018-04-04 10:32:32 +01:00
Bob Mottram f5477df602 Yes, same webpack error even with the new node version 2018-04-03 22:16:22 +01:00
Bob Mottram 3848b618a9 i386 for peertube install 2018-04-03 20:52:31 +01:00
Bob Mottram 3c1e4e4e9f Condition to avoid cpu detection bug 2018-04-03 18:06:58 +01:00
Bob Mottram e02c86ddd3 Experimental node install 2018-04-03 17:53:19 +01:00
Bob Mottram 1b7a329005 Secondary fix 2018-04-03 17:36:45 +01:00
Bob Mottram cacacc38d1 n version 2018-04-03 17:23:29 +01:00
Bob Mottram 0ed95a0691 More npm copying 2018-04-03 17:07:08 +01:00
Bob Mottram b70158a68d Try npm 5.8 2018-04-03 16:10:47 +01:00
Bob Mottram 652c3a08ab Copying npm 2018-04-03 14:17:47 +01:00
Bob Mottram db3d7582bc worker-farm update doesn't appear to have any effect 2018-04-03 13:29:08 +01:00
Bob Mottram 0df945bc6c Remove test 2018-04-03 13:18:02 +01:00
Bob Mottram 3ac0d69cd0 More replacements for cpu detection 2018-04-03 12:50:18 +01:00
Bob Mottram a4966549d9 Different directory 2018-04-03 12:34:20 +01:00
Bob Mottram f26a272f3b Test earlier 2018-04-03 12:21:58 +01:00
Bob Mottram 7d02248a5d slash 2018-04-03 12:10:45 +01:00
Bob Mottram 2855d5ac22 npm test 2018-04-03 11:48:18 +01:00
Bob Mottram c30ee3949f Restore npm version 2018-04-03 11:46:10 +01:00
Bob Mottram 87f395376a Recommended cpu detection change 2018-04-03 11:45:51 +01:00
Bob Mottram 68fd05d847 Try going back to npm 4.x 2018-04-03 11:11:02 +01:00
Bob Mottram c29e754b22 Paths for cpu detection 2018-04-02 22:52:32 +01:00
Bob Mottram 5125030fca worker-farm version 2018-04-02 16:29:27 +01:00
Bob Mottram 90c9b3f44d Keep the lock file in tmp 2018-04-02 16:10:27 +01:00
Bob Mottram 28acc2de99 Dialog dimensions 2018-04-02 16:04:57 +01:00
Bob Mottram 13d834bfcb Call cpu detection fix after installing new npm 2018-04-02 15:35:57 +01:00
Bob Mottram cefafc1430 Tidying 2018-04-02 15:23:53 +01:00
Bob Mottram 115781093c Install worker-farm to fix cpu detection bug 2018-04-02 15:21:44 +01:00
Bob Mottram 9dc754bc96 Fix for failing cpu detection during build 2018-04-02 15:05:58 +01:00
Bob Mottram 608010de34 Try different npm version to avoid length error 2018-04-02 14:56:46 +01:00
Bob Mottram f65875aa3a Try mesh with peertube again 2018-04-02 14:25:56 +01:00
Bob Mottram c7db944776 Ending 2018-04-02 13:14:25 +01:00
Bob Mottram 455c987a9f Tidying 2018-04-02 13:08:02 +01:00
Bob Mottram 93a64b218f Remove lock on fail 2018-04-02 12:57:27 +01:00
Bob Mottram 6108a065e8 peertube sync lock file 2018-04-02 12:54:24 +01:00
Bob Mottram c094386951 quotes around video title 2018-04-02 12:26:12 +01:00
Bob Mottram 9f42792e6a Tidying 2018-04-02 12:23:20 +01:00
Bob Mottram ead20fe57b Add another dns option 2018-04-02 11:54:04 +01:00
Bob Mottram d10c20e5d4 Peertube documentation 2018-04-01 20:33:06 +01:00
Bob Mottram ff6866d686 Use basename to avoid slashes 2018-04-01 19:34:58 +01:00
Bob Mottram d3e6ffb09a Remove echo 2018-04-01 19:25:20 +01:00
Bob Mottram 90bc724d1a quiet 2018-04-01 19:21:56 +01:00
Bob Mottram 0ce7a79480 Remove files from uploading status 2018-04-01 19:20:27 +01:00
Bob Mottram 30f6c1fc58 Fixing peertube video sync 2018-04-01 19:07:36 +01:00
Bob Mottram 1580564fa5 Bump pleroma commit 2018-04-01 17:17:30 +01:00
Bob Mottram 546436b589 Setup peertube sync on install 2018-04-01 17:14:30 +01:00
Bob Mottram 2916577397 login.txt 2018-04-01 17:13:52 +01:00
Bob Mottram 4201c612ec Ability to change privacy status of synced peertube videos 2018-04-01 17:10:28 +01:00
Bob Mottram 18a0866da7 Also capitals 2018-04-01 17:01:35 +01:00
Bob Mottram 69d5e0b35f Uploading of videos to peertube via syncthing 2018-04-01 16:25:41 +01:00
Bob Mottram b8c927a2a6 Import video to pertube from file 2018-04-01 14:20:19 +01:00
Bob Mottram 3bba0ea621 Option to import videos into peertube 2018-04-01 11:50:03 +01:00
Bob Mottram c42ed5985c CORS support for pleroma 2018-04-01 10:49:30 +01:00
Bob Mottram 7f7cb0e9ff Bump pleroma commit 2018-04-01 10:41:10 +01:00
Bob Mottram bdd063a7dc No interactive configuration of bludit 2018-03-31 22:06:04 +01:00
Bob Mottram 91e68c8796 Bump pleroma commit for mastodon fe 2018-03-31 20:59:46 +01:00
Bob Mottram 4c5381a018 Also do the downgrade trick for mesh install of peertube 2018-03-31 20:40:50 +01:00
Bob Mottram 167b0b6a0f Install redis 2018-03-31 20:27:25 +01:00
Bob Mottram d0bf397f9e copy npm to usr 2018-03-31 20:13:23 +01:00
Bob Mottram 2057c6195e Temporary npm downgrade 2018-03-31 20:08:21 +01:00
Bob Mottram 699f7a58b9 Additional peertube dependencies 2018-03-31 19:43:57 +01:00
Bob Mottram 1ccfdc701d Bump peertube commit 2018-03-31 19:28:46 +01:00
Bob Mottram 3ebb3e93ea Replace ghost 2018-03-31 19:24:41 +01:00
Bob Mottram c0ca86124d Clone bludit repo within images 2018-03-31 19:23:34 +01:00
Bob Mottram 4378a1f405 Add documentation for bludit 2018-03-31 18:28:29 +01:00
Bob Mottram 0f994d5533 Remove ghost from documentation 2018-03-31 18:19:08 +01:00
Bob Mottram 25c70d0070 Tidying 2018-03-31 18:16:44 +01:00
Bob Mottram 7d70a117fa php option 2018-03-31 18:14:01 +01:00
Bob Mottram 8d75ab63da Variables 2018-03-31 14:06:06 +01:00
Bob Mottram ff968e5c4c edith 2018-03-31 14:00:28 +01:00
Bob Mottram d1a410fa93 Tidying 2018-03-31 13:57:30 +01:00
Bob Mottram c09b1b1ce4 Upper case 2018-03-31 13:53:55 +01:00
Bob Mottram c8e90a454a Check that a domain name is supplied 2018-03-31 13:50:28 +01:00
Bob Mottram 55446a0bf8 Remove directory if it already exists 2018-03-31 13:46:34 +01:00
Bob Mottram 7f89e7d87a Add bludit app 2018-03-31 13:27:18 +01:00
Bob Mottram 8d7bde9891 Deprecate ghost blog 2018-03-31 11:57:27 +01:00
Bob Mottram e789ed5a63 Fix fedwiki 2018-03-30 17:30:40 +01:00
Bob Mottram 1da89f4273 Ensure global node modules directory is created during upgrades 2018-03-30 14:17:51 +01:00
Bob Mottram 68f94f498e Handle image install of global node modules directory 2018-03-30 14:15:04 +01:00
Bob Mottram 88b9907f6f Create a global directory for node modules installed with npm 2018-03-30 14:07:33 +01:00
Bob Mottram 8094acfdf1 Update global node modules 2018-03-30 13:36:07 +01:00
Bob Mottram f1ca6f0329 Use upgrade flag to prevent global node modules from being removed 2018-03-30 12:50:00 +01:00
Bob Mottram f6becba882 npm version 2018-03-30 12:31:05 +01:00
Bob Mottram df252acac5 Additional node copy 2018-03-30 12:26:57 +01:00
Bob Mottram df5d029c54 quotes 2018-03-30 12:07:06 +01:00
Bob Mottram c4720d9508 Apply hold after checks 2018-03-30 12:02:34 +01:00
Bob Mottram 9fdac92c9b Copy node to local 2018-03-30 11:51:53 +01:00
Bob Mottram 9881291951 Read architecture value 2018-03-30 11:39:04 +01:00
Bob Mottram 58862f7386 Recommended npm version 2018-03-30 11:33:22 +01:00
Bob Mottram d05ed7ef30 Extra node check 2018-03-30 11:32:41 +01:00
Bob Mottram f765e8f4e9 More checks on node upgrade 2018-03-30 11:31:53 +01:00
Bob Mottram adb038143d Upgrade nodejs to the new LTS 2018-03-30 11:24:42 +01:00
Bob Mottram 2c73ce7733 Different logo style in the shell 2018-03-29 20:20:15 +01:00
Bob Mottram 92a27e8581 Unblocking a domain removes it from hosts file 2018-03-29 14:17:30 +01:00
Bob Mottram 31b487febe Don't rebuild exim 2018-03-29 11:54:44 +01:00
Bob Mottram 76d5a84586 Indentation 2018-03-28 20:25:58 +01:00
Bob Mottram 3b1940c1f9 Pleroma nginx settings 2018-03-28 19:16:02 +01:00
Bob Mottram d182a363b6 Check that file exists 2018-03-28 15:22:30 +01:00
Bob Mottram 80f041a5ce Development packages for building exim 2018-03-28 15:19:19 +01:00
Bob Mottram b3147fe7a2 Directory name 2018-03-28 13:27:41 +01:00
Bob Mottram 4349a10b6d exim4 subd i rectory 2018-03-28 13:25:29 +01:00
Bob Mottram d905237e27 Include email functions within upgrade 2018-03-28 13:23:48 +01:00
Bob Mottram 4104746c97 Bump pleroma commit 2018-03-28 13:13:43 +01:00
Bob Mottram a451ac0fbd Extra pleroma nginx config 2018-03-28 13:13:06 +01:00
Bob Mottram 854e1db224 rebuild exim on upgrades 2018-03-28 12:57:26 +01:00
Bob Mottram 94261c874e Rebuild exim from patch 2018-03-28 12:34:17 +01:00
Bob Mottram ac2116b67b Remove at package
Breaks stig tests
2018-03-28 11:31:20 +01:00
Bob Mottram 29bc38dace Building exim with socks support 2018-03-27 23:12:50 +01:00
Bob Mottram 488764f1c7 No redirect on failure 2018-03-27 13:35:53 +01:00
Bob Mottram 0545ecbd51 Fixing mixed content warnings 2018-03-27 12:36:43 +01:00
Bob Mottram d8b27fd761 Bump pleroma commit 2018-03-27 11:01:38 +01:00
Bob Mottram 548cff74ce Don't use 0.0.0.0 2018-03-27 10:58:07 +01:00
Bob Mottram eea614e263 Prevent nodejs package upgrades 2018-03-27 10:25:21 +01:00
Bob Mottram 90dd6b1183 Use onion address as the main email address on onion-only installs 2018-03-25 18:05:26 +01:00
Bob Mottram 741c1c5bef Simplify onion routing of email 2018-03-25 13:57:55 +01:00
Bob Mottram af7e2c39d7 riseup exim router 2018-03-25 13:17:15 +01:00
Bob Mottram adf1c2aa66 Change filenames 2018-03-25 11:38:02 +01:00
Bob Mottram f9079b5845 v3 onions for email 2018-03-23 22:28:53 +00:00
Bob Mottram 999a357e91 Update exim configuration 2018-03-23 21:54:20 +00:00
Bob Mottram 83b9a9a05f dollar 2018-03-23 21:50:29 +00:00
Bob Mottram 5df4635f00 Change filenames 2018-03-23 21:49:03 +00:00
Bob Mottram e909a996ef Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-23 17:20:38 +00:00
Bob Mottram 8a366a6103 echo 2018-03-23 17:19:30 +00:00
Bob Mottram 9754e7c21d echo 2018-03-23 17:17:31 +00:00
Bob Mottram 2a4f71ddf4 Restrict room creation 2018-03-23 10:23:25 +00:00
Bob Mottram 8db82d87ff Repo not needed 2018-03-22 21:57:29 +00:00
Bob Mottram 660d73f726 Experimental support for sending email via onion addresses 2018-03-22 21:56:47 +00:00
Bob Mottram ec1b8638e2 Remove backup email templates on upgrade 2018-03-22 19:58:19 +00:00
Bob Mottram 24025e53b5 Speculative onion routing of email 2018-03-22 19:56:44 +00:00
Bob Mottram 7afbf335eb Update prosody build and modules 2018-03-22 11:15:35 +00:00
Bob Mottram b8eaf17ee0 Only restart prosody if the daemon isn't running 2018-03-22 10:52:41 +00:00
Bob Mottram 875bb191e7 Ensure that registrations are not re-enabled by upgrades 2018-03-21 22:43:23 +00:00
Bob Mottram 7236dbad96 Remove comments which are no longer relevant 2018-03-21 22:24:14 +00:00
Bob Mottram 1cbdebed65 Conditions not needed 2018-03-21 15:05:11 +00:00
Bob Mottram d415be01c3 Fix logo directory 2018-03-21 14:54:11 +00:00
Bob Mottram 48f108183b Bump pleroma commit 2018-03-21 14:35:23 +00:00
Bob Mottram 685b61dba2 Set custom pleroma logo on upgrades 2018-03-19 11:04:21 +00:00
Bob Mottram 4737a503a7 Separate custom logo function for pleroma 2018-03-19 11:01:59 +00:00
Bob Mottram 775177fc8d No stdout 2018-03-18 15:24:43 +00:00
Bob Mottram 007c45c5a3 list of app names 2018-03-18 15:21:09 +00:00
Bob Mottram a62d7fdd99 Choosing an app 2018-03-18 15:12:55 +00:00
Bob Mottram 89fb7a5886 Show ip address 2018-03-18 15:04:35 +00:00
Bob Mottram 3f5762078f icann address formatting 2018-03-18 14:56:00 +00:00
Bob Mottram b9777b049f Onion address formatting 2018-03-18 14:47:10 +00:00
Bob Mottram f30d7e82b1 Comment 2018-03-18 14:35:33 +00:00
Bob Mottram 8cc85edea8 Scale to screen size 2018-03-18 14:33:00 +00:00
Bob Mottram 2d6d29487c Dialog width 2018-03-18 14:28:23 +00:00
Bob Mottram f92f215b26 quotes 2018-03-18 14:26:13 +00:00
Bob Mottram c742ce3362 Show domains style 2018-03-18 14:24:05 +00:00
Bob Mottram 9cd23b51fe Remove pleroma blocking command 2018-03-18 12:20:30 +00:00
Bob Mottram c0e50a0685 Remove firewall commands for gnusocial/postactiv 2018-03-18 12:11:56 +00:00
Bob Mottram e663ab3c14 Security menu height 2018-03-18 11:09:29 +00:00
Bob Mottram c94d8bd135 Remove monkeysphere options from security menu
It's currently not used or recommended
2018-03-18 11:08:05 +00:00
Bob Mottram 24c39e1d07 Move ping enable/disable to security menu 2018-03-18 11:06:27 +00:00
Bob Mottram f506df693d Exit after tripwire functions 2018-03-18 11:02:50 +00:00
Bob Mottram 3309fe281a Move tripwire functions to security menu 2018-03-18 10:58:18 +00:00
Bob Mottram 4299a389cf Checking is password changing function exists 2018-03-18 10:48:38 +00:00
Bob Mottram f78c4345a9 Missing function 2018-03-18 10:44:47 +00:00
Bob Mottram f178603ba1 Show user 2018-03-18 10:41:26 +00:00
Bob Mottram a97c7d8dcf Move passwords to security settings 2018-03-18 10:33:43 +00:00
Bob Mottram 81942f9c22 No keypress after security settings 2018-03-18 10:20:18 +00:00
Bob Mottram 4702a67fa6 No padding 2018-03-18 10:07:05 +00:00
Bob Mottram e509d5a196 Move firewall display to security settings 2018-03-18 10:03:43 +00:00
Bob Mottram 96d41e4368 Narrower dialog 2018-03-18 09:57:44 +00:00
Bob Mottram 704932c1a0 Firewall display style 2018-03-18 09:55:34 +00:00
Bob Mottram e03071ec18 No break 2018-03-17 22:58:15 +00:00
Bob Mottram ea92af68f0 Bump pleroma commit 2018-03-17 22:23:42 +00:00
Bob Mottram 47feb45691 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-17 22:13:01 +00:00
Bob Mottram b2f92bbcc5 Security menu style 2018-03-17 22:10:44 +00:00
Bob Mottram ee1556bb9c echo pipe 2018-03-17 22:02:12 +00:00
Bob Mottram 0c1e3938b0 Backup menu style 2018-03-17 21:58:29 +00:00
Bob Mottram 44f8c11643 Administrator email menu style 2018-03-17 21:52:17 +00:00
Bob Mottram 6c97c1601e Blocking menu style 2018-03-17 21:49:38 +00:00
Bob Mottram d9689e22e8 Users menu style 2018-03-17 21:47:56 +00:00
Bob Mottram 1464ea0613 Wifi menu style 2018-03-17 21:45:53 +00:00
Bob Mottram df1961e553 Menu style for setting trust level 2018-03-17 21:42:19 +00:00
Bob Mottram f85e37e49e Menu dimensions 2018-03-17 21:36:51 +00:00
Bob Mottram 4a3eb2cdb0 Encryption keys menu style 2018-03-17 21:35:48 +00:00
Bob Mottram 498561ac49 Email filtering menu style 2018-03-17 21:33:26 +00:00
Bob Mottram 8508da2f53 User control panel menu style 2018-03-17 21:29:40 +00:00
Bob Mottram 6619ff74ff Dialog dimensions 2018-03-17 21:24:43 +00:00
Bob Mottram e96027b8d3 Different menu style 2018-03-17 21:19:41 +00:00
Bob Mottram 707d14b5d1 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-15 20:58:21 +00:00
Bob Mottram 45c484420b Unique nameservers 2018-03-15 20:56:45 +00:00
Bob Mottram c82d60bf43 dns ip addresses 2018-03-15 20:54:38 +00:00
Bob Mottram 685f31d7c8 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-15 14:58:30 +00:00
Bob Mottram e787882e04 Additional python package 2018-03-15 14:56:09 +00:00
Bob Mottram a9eabfeb20 0.27.0 matrix release candidate 2018-03-15 14:51:30 +00:00
Bob Mottram e729be95a3 Install prerequisites for pleroma in social instance 2018-03-14 19:05:24 +00:00
Bob Mottram 1e90417964 Try to fix pleroma mixed content warnings 2018-03-14 12:31:06 +00:00
Bob Mottram 899f34805a Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-13 22:46:52 +00:00
Bob Mottram a501536da0 set ownership after upgrade 2018-03-13 22:46:22 +00:00
Bob Mottram cff61c8d43 Tusky image 2018-03-13 12:59:05 +00:00
Bob Mottram ee6671d98a Link to pleroma documentation 2018-03-13 12:53:30 +00:00
Bob Mottram 96557fd0d2 Wording 2018-03-13 12:48:51 +00:00
Bob Mottram 17d7f7fc01 Documentation for social instance installs 2018-03-13 12:39:26 +00:00
Bob Mottram 5e5db6e713 Mention mastodon apps for pleroma 2018-03-12 21:54:01 +00:00
Bob Mottram a9fbb59d86 Bump pleroma commit 2018-03-12 21:08:07 +00:00
Bob Mottram 20a715d85a backslash not needed 2018-03-12 14:19:28 +00:00
Bob Mottram 92af54b951 Social instance image name 2018-03-12 14:08:36 +00:00
Bob Mottram ad5304b2f4 Social instance documentation 2018-03-12 14:02:04 +00:00
Bob Mottram 4ab3c0d3f2 manpage explanation for setting up fediverse instances 2018-03-12 10:44:52 +00:00
Bob Mottram 6fa411c451 Add pleroma social instance 2018-03-12 10:36:13 +00:00
Bob Mottram 10f7a2461c pleroma social instance doesn't need qvitter or separate fe 2018-03-12 10:19:42 +00:00
Bob Mottram 7b54d44049 Tidying 2018-03-12 10:17:21 +00:00
Bob Mottram 3b8ca656cc Exit if directory change fails 2018-03-12 10:08:47 +00:00
Bob Mottram fb57a56435 Install elixir within images 2018-03-12 10:06:45 +00:00
Bob Mottram b9f01c1985 Move elixir to its own file 2018-03-12 09:51:30 +00:00
Bob Mottram d07bcac281 Update documentation 2018-03-11 23:27:02 +00:00
Bob Mottram dfa5992a94 php configuration for gnusocial/postactiv 2018-03-11 11:03:30 +00:00
Bob Mottram fd1e7da688 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-10 13:04:27 +00:00
Bob Mottram 9c60ac9110 Configure eth0 within images 2018-03-10 12:45:40 +00:00
Bob Mottram 9fe1f91722 Initial dynamic eth0 configuration 2018-03-10 12:10:02 +00:00
Bob Mottram 3180e85973 lawful 2018-03-09 12:09:56 +00:00
Bob Mottram c02d08039d Signal in the faq 2018-03-09 11:11:51 +00:00
Bob Mottram eb7cae0e26 Note about signal 2018-03-09 10:59:55 +00:00
Bob Mottram eea2240506 Notes on openness of mobile 2018-03-09 10:54:59 +00:00
Bob Mottram 01a5dffd9f Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-09 10:42:34 +00:00
Bob Mottram 2618226dd7 battery optimisations 2018-03-09 10:21:41 +00:00
Bob Mottram 8b86b803ef typo 2018-03-09 10:18:37 +00:00
Bob Mottram 7fc6b4ab14 Note about battery optimisations on mobile 2018-03-09 10:16:15 +00:00
Bob Mottram 801776b795 bump pleroma commit
Second time lucky
2018-03-08 21:49:56 +00:00
Bob Mottram ea1d4e4a60 Run migrate during pleroma upgrade 2018-03-08 21:49:26 +00:00
Bob Mottram 9b44f6d23c Add host headers to pleroma 2018-03-08 21:13:02 +00:00
Bob Mottram c991935063 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-08 21:00:06 +00:00
Bob Mottram d7b5a04b2c dat-boi isn't really needed. Too experimental 2018-03-08 20:59:39 +00:00
Bob Mottram 3afa507b2e No quotes 2018-03-08 20:39:49 +00:00
Bob Mottram a59c3021ac No quotes 2018-03-08 20:36:12 +00:00
Bob Mottram 4701bf16a9 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-08 17:42:50 +00:00
Bob Mottram 75fac373bb Switching registration permissions for pleroma 2018-03-08 16:25:31 +00:00
Bob Mottram faca7a058e Remove comma 2018-03-08 15:29:17 +00:00
Bob Mottram d445ce1fb9 Revert "bump pleroma commit"
This reverts commit 545a5381cd.
2018-03-08 15:15:34 +00:00
Bob Mottram bf25e6ac37 Arrays without quotes 2018-03-08 14:38:15 +00:00
Bob Mottram 545a5381cd bump pleroma commit 2018-03-08 14:07:53 +00:00
Bob Mottram 5826c5112a migrate pleroma database 2018-03-08 14:04:43 +00:00
Bob Mottram f224ce22d1 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-08 12:43:00 +00:00
Bob Mottram 2ad3c4037f Copy without quotes 2018-03-08 12:42:21 +00:00
Bob Mottram fcff148f07 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-08 12:11:41 +00:00
Bob Mottram a012bc8477 Replacements in custom build script 2018-03-08 11:50:07 +00:00
Bob Mottram bbf1b9461d Consistent function style 2018-03-08 11:13:07 +00:00
Bob Mottram d1dce3d3d7 Consistent function style 2018-03-08 11:09:11 +00:00
Bob Mottram 4c21484c95 dat-boi daemon 2018-03-07 22:26:08 +00:00
Bob Mottram 0d7c503363 Commands to switch between wired and wireless mesh 2018-03-07 17:26:48 +00:00
Bob Mottram e209eef34e Allow mesh on an interface other than wlanX 2018-03-07 15:59:09 +00:00
Bob Mottram 9f14c00645 optionally a file can contain the mesh interface type 2018-03-07 15:35:10 +00:00
Bob Mottram 1564cb18db Not so restrictive on allowing mesh interfaces 2018-03-07 15:22:13 +00:00
Bob Mottram cd2af02c11 interface type for wifi adapter search 2018-03-07 15:09:31 +00:00
Bob Mottram 2ab10343d2 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-07 14:30:27 +00:00
Bob Mottram 0be4226f0b my 2018-03-07 14:29:45 +00:00
Bob Mottram 7c9c42ab6d Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-07 11:14:28 +00:00
Bob Mottram 43d6155d3b Don't repeatedly append onions map 2018-03-07 10:57:26 +00:00
Bob Mottram 8a19b05ef4 Add xmpp contact info 2018-03-07 10:52:18 +00:00
Bob Mottram 5846205b48 Setting upload limits in gnusocial/postactiv 2018-03-06 19:53:48 +00:00
Bob Mottram 5cb6466f87 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-06 17:27:11 +00:00
Bob Mottram 782b57c565 Include qvitter theme repo within images again 2018-03-06 17:26:42 +00:00
Bob Mottram f95c95d6ec Include postactiv repo within images again 2018-03-06 17:25:24 +00:00
Bob Mottram 7d8af8ed34 non-recursive clone 2018-03-06 16:51:28 +00:00
Bob Mottram 87b0a3b052 Fix substitutions 2018-03-06 16:18:20 +00:00
Bob Mottram 4bb3fe5ac3 Bad substitution 2018-03-06 16:07:16 +00:00
Bob Mottram ac3b83fbc2 Update postactiv repo and commit 2018-03-06 16:01:18 +00:00
Bob Mottram a0135ca512 When qvitter is enabled disable the content security policy, because otherwise you can't change the profile photo 2018-03-06 14:48:56 +00:00
Bob Mottram 02ec8d5c30 Bump gnusocial commit 2018-03-06 12:47:15 +00:00
Bob Mottram 24f58201cd Change function name 2018-03-05 18:15:29 +00:00
Bob Mottram 9b166b255a Download options are ok 2018-03-05 17:54:21 +00:00
Bob Mottram a7cdc5e7bf Move removals to the end to cover entire file 2018-03-05 17:49:24 +00:00
Bob Mottram eec34f4740 Move header options around to give onion sites better protection 2018-03-05 17:39:06 +00:00
Bob Mottram 5f8d2d9161 Set pleroma registrations open initially 2018-03-05 12:24:31 +00:00
Bob Mottram 2e07c45147 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-04 21:33:59 +00:00
Bob Mottram f32df0b102 postgres install 2018-03-04 21:32:40 +00:00
Bob Mottram 8330dad8b6 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-04 19:08:51 +00:00
Bob Mottram 8c75814291 Fix dialog arguments 2018-03-04 19:08:28 +00:00
Bob Mottram ac086978db Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-04 18:50:36 +00:00
Bob Mottram 472da22b14 Static analysis tests manpage 2018-03-04 18:41:30 +00:00
Bob Mottram 2c91a9369c Don't need ssh port in bashrc 2018-03-04 18:14:50 +00:00
Bob Mottram e788a5b171 Don't need list 2018-03-04 17:27:57 +00:00
Bob Mottram 0af680fc03 Update mesh ssb app 2018-03-04 12:40:40 +00:00
Bob Mottram 0a3d454a46 Backslash 2018-03-04 12:11:47 +00:00
Bob Mottram b65b72bd2c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-04 12:03:42 +00:00
Bob Mottram 4ca29d02e5 Credit scores on passwords 2018-03-04 11:55:35 +00:00
Bob Mottram eb6103f19a Deprecate cert bundle 2018-03-04 11:40:54 +00:00
Bob Mottram f1f789415e Don't quote extensions 2018-03-04 11:38:02 +00:00
Bob Mottram 978f848350 Exit if certificate check fails 2018-03-03 22:36:56 +00:00
Bob Mottram 5db74ee7df Checking certificates for onion only versions 2018-03-03 22:26:29 +00:00
Bob Mottram 62e891c141 Update manpage for static analysis tests 2018-03-03 19:47:31 +00:00
Bob Mottram 895678b6b8 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-03 19:34:54 +00:00
Bob Mottram 31da9595e7 Make static analysis tests optional
They take too long otherwise
2018-03-03 19:34:15 +00:00
Bob Mottram baee769f08 File encoding 2018-03-03 19:13:52 +00:00
Bob Mottram 92ccc595d0 File encoding 2018-03-03 19:01:43 +00:00
Bob Mottram 52f0ffd397 File encoding 2018-03-03 18:47:08 +00:00
Bob Mottram 304c7ae258 File encoding 2018-03-03 18:37:36 +00:00
Bob Mottram 87a8432cab File encoding 2018-03-03 18:28:22 +00:00
Bob Mottram 8dc3bf59bc Fix makefile removals 2018-03-03 18:15:47 +00:00
Bob Mottram 5ebf5430da File encoding 2018-03-03 18:10:00 +00:00
Bob Mottram b3a57b9f1c file encoding 2018-03-03 18:01:19 +00:00
Bob Mottram 6a48ff3ad2 fix password creation 2018-03-03 17:46:24 +00:00
Bob Mottram 33d3301399 No quotes 2018-03-03 15:45:45 +00:00
Bob Mottram b87d5b04aa Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-03 13:54:25 +00:00
Bob Mottram 5c11e00a08 quotes 2018-03-03 13:52:35 +00:00
Bob Mottram 3efe97a70f Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-03 13:48:41 +00:00
Bob Mottram d4dc19f88d No quotes on extra options 2018-03-03 13:31:53 +00:00
Bob Mottram 2f9811ac5a quotes 2018-03-03 13:16:25 +00:00
Bob Mottram d57d8cf8a7 printf rather than echo 2018-03-03 13:15:52 +00:00
Bob Mottram 057fcfaa6f Moves without quotes
This seems to cause problems when building images
2018-03-03 12:36:02 +00:00
Bob Mottram 5c297934a3 quotes back 2018-03-03 12:20:31 +00:00
Bob Mottram 0349c88837 Try move without quotes 2018-03-03 12:09:59 +00:00
Bob Mottram 369a297a77 quotes with wildcard 2018-03-03 11:49:17 +00:00
Bob Mottram 6db3860710 More info on copy failure 2018-03-03 11:25:03 +00:00
Bob Mottram d9f424c9e2 Check for presence of golang directory 2018-03-03 11:10:44 +00:00
Bob Mottram bc1c81cc89 quotes 2018-03-03 10:41:13 +00:00
Bob Mottram bb39f77020 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-03-03 10:36:40 +00:00
Bob Mottram 6e84c5fdac Excluded static analysis tests 2018-03-03 09:55:51 +00:00
Bob Mottram 9801333767 Remove quotes 2018-03-02 23:23:55 +00:00
Bob Mottram 5ab9a4cb05 Disable quotes 2018-03-02 23:12:14 +00:00
Bob Mottram a4086b9e79 onion port test files 2018-03-02 23:06:15 +00:00
Bob Mottram 3f4c390a5d Fix static analysis failures 2018-03-02 23:02:43 +00:00
Bob Mottram 6210aaf400 Fix static analysis failures 2018-03-02 23:00:56 +00:00
Bob Mottram 76e4603808 Fix static analysis failures 2018-03-02 22:58:38 +00:00
Bob Mottram 8174c563fa Fix static analysis failures 2018-03-02 22:56:38 +00:00
Bob Mottram efadadad13 start function 2018-03-02 22:54:51 +00:00
Bob Mottram d5d74165c0 quotes 2018-03-02 22:50:39 +00:00
Bob Mottram 9786dd93e4 Ignore makefile 2018-03-02 22:47:44 +00:00
Bob Mottram 7aea3f0f7c Ignore makefile 2018-03-02 22:45:32 +00:00
Bob Mottram 9d9a45663a No echo 2018-03-02 22:41:58 +00:00
Bob Mottram 651809c32c Fix static analysis failures 2018-03-02 22:39:47 +00:00
Bob Mottram 52188a30a5 Ignore config file 2018-03-02 22:37:18 +00:00
Bob Mottram 8d8aaf9ef9 greater than 2018-03-02 22:34:33 +00:00
Bob Mottram 52ca718a4b Quotes 2018-03-02 22:32:35 +00:00
Bob Mottram 1d568eecea Remove existing commands before installing 2018-03-02 22:31:57 +00:00
Bob Mottram e7b3c1f10b static analysis of freedombone commands 2018-03-02 22:27:58 +00:00
Bob Mottram 44dd4e3ec6 Fix static analysis failures 2018-03-02 22:22:34 +00:00
Bob Mottram ec6e2e5851 Tidying 2018-03-02 22:20:49 +00:00
Bob Mottram 9a6aee1de7 Fix static analysis failures 2018-03-02 20:40:59 +00:00
Bob Mottram 65ded7b2eb Fix static analysis failures 2018-03-02 20:33:00 +00:00
Bob Mottram dd2faeb37c Fix static analysis failures 2018-03-02 20:28:26 +00:00
Bob Mottram b654a47059 Exit on failure 2018-03-02 20:26:40 +00:00
Bob Mottram c08e56d3cd Fix static analysis failures 2018-03-02 20:25:09 +00:00
Bob Mottram 0bac095afe Fix static analysis failures 2018-03-02 20:23:29 +00:00
Bob Mottram 67c939cab6 Fix static analysis failures 2018-03-02 20:21:55 +00:00
Bob Mottram 8744b1ef6b Fix static analysis failures 2018-03-02 20:20:58 +00:00
Bob Mottram c6a76d2393 Fix static analysis failures 2018-03-02 20:19:43 +00:00
Bob Mottram a9153dbf15 Quotes 2018-03-02 20:18:08 +00:00
Bob Mottram 20bab2e9d7 Fix static analysis failures 2018-03-02 20:16:53 +00:00
Bob Mottram a9a2e74905 Fix static analysis failures 2018-03-02 20:15:39 +00:00
Bob Mottram 453ce1fa37 Fix static analysis failures 2018-03-02 20:10:21 +00:00
Bob Mottram 24f38c53f3 Fix static analysis failures 2018-03-02 20:09:25 +00:00
Bob Mottram c44d07bd2f wifi utils static analysis 2018-03-02 20:07:54 +00:00
Bob Mottram f13c18092f Removing trap 2018-03-02 19:55:56 +00:00
Bob Mottram e053de23af quotes 2018-03-02 19:54:04 +00:00
Bob Mottram fcc87c9bf7 quotes 2018-03-02 19:52:07 +00:00
Bob Mottram 02627accb1 Fix static analysis failures 2018-03-02 19:47:04 +00:00
Bob Mottram 82ca75d2fa Fix static analysis failures 2018-03-02 19:45:59 +00:00
Bob Mottram 5b9c77cc8d Fix static analysis failures 2018-03-02 19:45:05 +00:00
Bob Mottram 4060c44e4e Fix static analysis failures 2018-03-02 19:44:18 +00:00
Bob Mottram c4b091c281 Fix static analysis failures 2018-03-02 19:39:00 +00:00
Bob Mottram 087115fa23 Install shellcheck if needed 2018-03-02 19:36:51 +00:00
Bob Mottram 1de2c88d04 Include static analysis in tests 2018-03-02 19:34:44 +00:00
Bob Mottram 8112c240ae Tidying 2018-03-02 19:17:02 +00:00
Bob Mottram 9a1f8e6f26 Deprecate wekan
The main problem was that it has a dependency which won't run on arm
2018-03-01 11:46:35 +00:00
Bob Mottram 7888f7ae63 Tidying 2018-03-01 11:45:51 +00:00
Bob Mottram fa8f96bfdb Tidying 2018-02-28 23:17:49 +00:00
Bob Mottram 5479d49dc9 More tidying 2018-02-27 14:11:56 +00:00
Bob Mottram 8848ea40ef Tidying 2018-02-26 13:50:40 +00:00
Bob Mottram 8b4ddff6eb Tidying gnusocial utils 2018-02-25 22:15:36 +00:00
Bob Mottram 05f39281f2 Tidying function checking utils 2018-02-25 17:32:57 +00:00
Bob Mottram feca89a19f Tidying database utils 2018-02-25 17:28:57 +00:00
Bob Mottram f2429555a8 Tidying cryptopp utils 2018-02-25 15:20:03 +00:00
Bob Mottram 4e655ae8da Tidying cron utils 2018-02-25 15:16:23 +00:00
Bob Mottram 34e59ae030 Tidying config utils 2018-02-25 14:51:29 +00:00
Bob Mottram 229a9c3091 Tidying cmake utils 2018-02-25 14:41:52 +00:00
Bob Mottram fee71d392e Tidying backup utils 2018-02-25 14:35:20 +00:00
Bob Mottram bcf377b9cd Tidy avahi utils 2018-02-25 13:49:17 +00:00
Bob Mottram 443d7a7913 Function name is an array 2018-02-25 12:50:46 +00:00
Bob Mottram ad8d266452 Tidying zram 2018-02-25 11:27:48 +00:00
Bob Mottram 94053f6bed Tidying wifi command 2018-02-25 11:04:13 +00:00
Bob Mottram 6a9bd38440 Install command to do static analysis on bash scripts 2018-02-25 10:29:50 +00:00
Bob Mottram d37241040b wifi configuration for image builds 2018-02-24 15:51:33 +00:00
Bob Mottram f0cf4d28bd wifi type options 2018-02-24 14:32:08 +00:00
Bob Mottram ae0f11d183 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-24 10:41:40 +00:00
Bob Mottram 8d804e63ab Also preserve pleroma banner files 2018-02-24 10:41:10 +00:00
Bob Mottram 5f0f543008 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-24 10:16:04 +00:00
Bob Mottram 5c8b3c7ab9 Fix pleroma expire script 2018-02-24 10:13:19 +00:00
Bob Mottram 41bea51a0e Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-23 20:42:19 +00:00
Bob Mottram d6bc979aeb Remove i2p repo 2018-02-23 20:41:42 +00:00
Bob Mottram e9d02969f5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-23 14:05:20 +00:00
Bob Mottram 82d5e32315 Restart after upgrade 2018-02-23 13:22:52 +00:00
Bob Mottram 1fc058f925 ttrss on v2 onion address for now 2018-02-23 13:20:18 +00:00
Bob Mottram 5b782e51fd Ensure that v2 onion address flag gets cleared on each call 2018-02-23 11:49:00 +00:00
Bob Mottram 3e03e30fd2 Option to force usage of v2 onion address
Hopefully this won't be needed for long
2018-02-23 11:46:13 +00:00
Bob Mottram 8fe06f8111 Remove tor notices 2018-02-23 10:21:10 +00:00
Bob Mottram ce2d1f4d1d No longer using bitmessage 2018-02-22 18:07:34 +00:00
Bob Mottram c1ee0e0c88 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-22 13:24:25 +00:00
Bob Mottram bcfdb4ac18 manpage for tests 2018-02-22 13:22:26 +00:00
Bob Mottram 5d999f33c6 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-22 12:54:55 +00:00
Bob Mottram e25c721f9b Don't enable port 443 on ipv6 for nginx. This seems to cause problems which cause web server down time 2018-02-22 12:53:35 +00:00
Bob Mottram 24a1da36df Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-22 12:11:01 +00:00
Bob Mottram 68a17a2ba9 Retire the mesh command
The was the previous paradigm which now isn't recommended
2018-02-22 12:10:23 +00:00
Bob Mottram e493578beb xmpp password command not needed 2018-02-22 12:04:45 +00:00
Bob Mottram 63fca83710 Tidying manpages 2018-02-22 12:02:28 +00:00
Bob Mottram e3c966aaf7 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-21 21:42:26 +00:00
Bob Mottram e7ddb66c50 Use cron functions 2018-02-21 21:40:30 +00:00
Bob Mottram 3f59c12af7 Dates 2018-02-21 19:32:13 +00:00
Bob Mottram 3a3a03e200 License header 2018-02-21 19:14:05 +00:00
Bob Mottram d96be10a40 quote 2018-02-21 16:16:59 +00:00
Bob Mottram 072e73549e Add Pleroma to apps list 2018-02-21 15:05:52 +00:00
Bob Mottram e08de3947c Mention blocking on pleroma documentation 2018-02-21 15:02:14 +00:00
Bob Mottram 59746d376a Link to fediverse doc 2018-02-21 14:59:34 +00:00
Bob Mottram 36d39c34a3 Federation as a concept 2018-02-21 14:53:20 +00:00
Bob Mottram e5cff004fe Move xmpp user removal into the app script 2018-02-21 11:15:13 +00:00
Bob Mottram 925d3b05eb Adding xmpp users defined within the app script 2018-02-21 11:02:56 +00:00
Bob Mottram 3c23979965 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-20 19:58:41 +00:00
Bob Mottram 200c07a507 otr may be removed from conversations 2018-02-20 19:58:15 +00:00
Bob Mottram 457b4eabc6 Remove sip altogether
I've never been able to get sip to work, despite trying multiple apps and server software types, and this may be due to telco interference
2018-02-20 14:34:40 +00:00
Bob Mottram 3eac53cb2f Since it looks like Conversations will be dropping OTR 2018-02-20 11:22:02 +00:00
Bob Mottram 0c025e21c2 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-18 20:10:06 +00:00
Bob Mottram 95ce59bfa8 Deprecate support for building images for beaglebone black wireless
It looks like the TI wifi drivers really are non-free since they require extracting stuff from binary files in order to compile the firmware
2018-02-18 20:08:07 +00:00
Bob Mottram 873f5378e8 Separate functions 2018-02-18 15:39:16 +00:00
Bob Mottram 6fa15e8457 Alternative name for wireless beaglebone 2018-02-18 15:14:36 +00:00
Bob Mottram ec0ed6958f Set variant 2018-02-18 15:12:23 +00:00
Bob Mottram 37f1b5ec49 Wireless beaglebone variant 2018-02-18 15:08:41 +00:00
Bob Mottram 16b50147cb Dialog sizes 2018-02-18 14:33:22 +00:00
Bob Mottram 3e9d2f0e09 Check for database scheme at an earlier stage 2018-02-18 12:45:44 +00:00
Bob Mottram 9351ed6598 Hubzilla path 2018-02-18 12:44:29 +00:00
Bob Mottram 3ba7b5db42 Disable site if certificate creation fails 2018-02-18 12:35:01 +00:00
Bob Mottram 6d144044cf Call the remove function 2018-02-18 11:44:25 +00:00
Bob Mottram bc8666ad17 Remove any previous failed hubzilla install 2018-02-18 11:43:44 +00:00
Bob Mottram 81ecf3cb20 Update hubzilla commits 2018-02-18 11:37:23 +00:00
Bob Mottram 00a6da45f0 quote 2018-02-17 21:20:06 +00:00
Bob Mottram cd606bad3d Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-17 20:20:12 +00:00
Bob Mottram c9a92fd4f7 Use agent during verification 2018-02-17 15:19:59 +00:00
Bob Mottram 05c53ce59c Stopping and restarting pleroma during backups 2018-02-17 15:07:52 +00:00
Bob Mottram b8327a4461 User agent setup not needed for users during backup 2018-02-17 15:00:00 +00:00
Bob Mottram e0832a2d4f Backup with use-agent 2018-02-17 14:50:09 +00:00
Bob Mottram 6e5ffcc9ea Handling user agent during user files backup 2018-02-17 14:41:45 +00:00
Bob Mottram d528d904cc Simplify 2018-02-17 14:34:40 +00:00
Bob Mottram 3dec7889b0 Use agent 2018-02-17 14:29:17 +00:00
Bob Mottram a34b251cb9 gpg agent for root 2018-02-17 14:19:32 +00:00
Bob Mottram c2e0f68541 Also show bdsmail address 2018-02-16 13:25:58 +00:00
Bob Mottram 8f6c364229 Show bdsmail address as a QR code 2018-02-16 13:22:52 +00:00
Bob Mottram f84f6aff3a add/remove not app settings 2018-02-16 11:55:20 +00:00
Bob Mottram 3326340add Wording 2018-02-16 10:49:51 +00:00
Bob Mottram 2784c6bd45 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-16 10:44:12 +00:00
Bob Mottram 8329a6bab8 Documentation for bdsmail 2018-02-16 10:43:14 +00:00
Bob Mottram 93534f9d67 bdsmail ports 2018-02-16 10:02:15 +00:00
Bob Mottram fb5fe89009 handling of bdsmail admin password 2018-02-15 21:14:21 +00:00
Bob Mottram da55d4d06e mailtool has to be run from the bdsmail directory 2018-02-15 19:48:01 +00:00
Bob Mottram 1f50c4f2cb Duplicate username 2018-02-15 18:55:35 +00:00
Bob Mottram b27b7799ca file 2018-02-15 18:52:47 +00:00
Bob Mottram c2a50e3afb Typo 2018-02-15 18:51:23 +00:00
Bob Mottram e6ef736b07 Different way of getting bdsmail address 2018-02-15 18:50:20 +00:00
Bob Mottram f86e711f2a More messing with of i2p install 2018-02-15 18:21:59 +00:00
Bob Mottram d9281a37ad Better compare 2018-02-14 19:21:40 +00:00
Bob Mottram a0a3d9f9a5 Add blocked domains to /etc/hosts 2018-02-14 19:10:25 +00:00
Bob Mottram 578af997ca Remove i2p log files 2018-02-14 18:18:49 +00:00
Bob Mottram 10ee8db478 Remove i2p directories 2018-02-14 17:59:38 +00:00
Bob Mottram 6c7bd07f05 bdsmail commit 2018-02-14 17:27:02 +00:00
Bob Mottram a995b5dc5b Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-14 14:32:53 +00:00
Bob Mottram 261698c0e2 bdsmail commit 2018-02-14 14:23:25 +00:00
Bob Mottram 70b42d8802 Remove and reinstall i2p 2018-02-14 14:18:25 +00:00
Bob Mottram 79448aa603 Update i2p domains during bdsmail upgrade if needed 2018-02-14 13:24:52 +00:00
Bob Mottram 0332699f60 bdsmail commit 2018-02-14 13:21:08 +00:00
Bob Mottram 53f0a66f6e Reconfigure for bdsmail 2018-02-14 12:54:08 +00:00
Bob Mottram 63c42cb6ff Longer waits to allow for key generation 2018-02-14 12:33:04 +00:00
Bob Mottram 0006d46393 Bump bdsmail commit 2018-02-14 12:29:58 +00:00
Bob Mottram 2e72583677 Detect potential ssh login attacks 2018-02-14 12:11:50 +00:00
Bob Mottram 159bff133f Include bdsmail in images 2018-02-14 11:38:32 +00:00
Bob Mottram 8b272df109 Tidying 2018-02-13 22:58:07 +00:00
Bob Mottram f0fe7828e6 backslash 2018-02-13 22:55:05 +00:00
Bob Mottram b60ff37349 pop3 server in bdsmail config 2018-02-13 21:03:12 +00:00
Bob Mottram ae86a375aa bdsmail commit 2018-02-13 20:57:01 +00:00
Bob Mottram 224a559c79 We don't need to gpg sign bdsmail by default 2018-02-13 20:53:04 +00:00
Bob Mottram eeebdbf4e9 quotes 2018-02-13 20:28:09 +00:00
Bob Mottram 9a7b8183bd username when creating password entry 2018-02-13 20:23:12 +00:00
Bob Mottram ae46a1b5e6 Create bdsmail admin password 2018-02-13 20:20:14 +00:00
Bob Mottram 68f2b6faad Revert "Revert "bdsmail commit and change name of mailtool""
This reverts commit 1e4c768b31.
2018-02-13 20:01:57 +00:00
Bob Mottram 2fa207e124 Deprecate supplying a password for bdsmail 2018-02-13 19:55:21 +00:00
Bob Mottram 1e4c768b31 Revert "bdsmail commit and change name of mailtool"
This reverts commit 5bcf9ccdbb.
2018-02-13 19:42:33 +00:00
Bob Mottram 5bcf9ccdbb bdsmail commit and change name of mailtool 2018-02-13 19:27:19 +00:00
Bob Mottram 4b58ea23a8 bdsmail file permissions 2018-02-13 19:21:14 +00:00
Bob Mottram 78bcc77896 Add a script to distribute bdsmail to user maildirs 2018-02-13 18:54:26 +00:00
Bob Mottram a3c92759b7 bdsmail commit 2018-02-13 16:10:14 +00:00
Bob Mottram 6e4a9ba84d upgrades of bdsmail 2018-02-13 15:31:50 +00:00
Bob Mottram a8fdb02085 bdsmail install fails in a safe condition 2018-02-13 13:29:20 +00:00
Bob Mottram 645bcf9f34 Additional security policy settings for ttrss 2018-02-13 11:33:27 +00:00
Bob Mottram 1a11a8cfdd Clear password after use 2018-02-13 10:23:32 +00:00
Bob Mottram 455b2c6f7b Remove redundant comment 2018-02-13 10:21:54 +00:00
Bob Mottram 1ed2a728ed Height of password dialog 2018-02-13 10:21:04 +00:00
Bob Mottram dc0034286b Ask for the user account password first 2018-02-13 10:19:23 +00:00
Bob Mottram 60857daa17 Don't need the bdsmail firewall 2018-02-13 10:10:52 +00:00
Bob Mottram 6444469967 i2p firewall for smtp 2018-02-12 23:21:49 +00:00
Bob Mottram 0702d2448c Ask for user password to create maildir account 2018-02-12 22:24:23 +00:00
Bob Mottram 2e8a796946 Convert domain to lower case 2018-02-12 22:13:31 +00:00
Bob Mottram 0dc6df1095 double quotes 2018-02-12 21:03:47 +00:00
Bob Mottram 8548de8fa6 Maximum 2018-02-12 21:00:45 +00:00
Bob Mottram e3bacb5464 Missing package installs in documentation 2018-02-12 20:14:02 +00:00
Bob Mottram 674d6d835a bdsmail directory 2018-02-12 19:56:54 +00:00
Bob Mottram 4d06910eb0 Creating bdsmail users 2018-02-12 19:53:25 +00:00
Bob Mottram c1643e475b bdsmail directory 2018-02-12 18:39:44 +00:00
Bob Mottram 4c8edf2ad6 Wait longer 2018-02-12 15:00:02 +00:00
Bob Mottram db05c3364f Add some restarts 2018-02-12 14:33:18 +00:00
Bob Mottram 49f094140c Configure bdsmail users 2018-02-12 13:51:45 +00:00
Bob Mottram 5b9246ca7e Increase width 2018-02-12 13:41:00 +00:00
Bob Mottram c1c7a6c78c Show i2p address on user control panel 2018-02-12 13:39:47 +00:00
Bob Mottram 799a31ce8f Add users to i2p group when bdsmail is installed 2018-02-12 13:16:15 +00:00
Bob Mottram 55e690a84a Set maildir for bdsmail 2018-02-12 13:04:42 +00:00
Bob Mottram c0e4a888b9 bdsmail integration with mutt 2018-02-12 13:02:29 +00:00
Bob Mottram 1ea457c555 Message while installing bdsmail 2018-02-12 11:05:43 +00:00
Bob Mottram 72f753b491 Better handling if private key has not yet been generated 2018-02-12 10:57:53 +00:00
Bob Mottram 580f229333 More retries 2018-02-12 10:52:20 +00:00
Bob Mottram 89e797a6e8 permission on get_address 2018-02-12 10:41:38 +00:00
Bob Mottram 97d6524c90 Use the i2p user for bdsmail daemon 2018-02-12 10:34:24 +00:00
Bob Mottram 6562d131f7 Add a restart 2018-02-12 10:23:22 +00:00
Bob Mottram 37ac4dd20e Improve removal of i2p 2018-02-12 10:09:10 +00:00
Bob Mottram 1bd4926462 Also autoremove 2018-02-11 23:36:07 +00:00
Bob Mottram 9eaca4e4da Enable sam 2018-02-11 23:21:50 +00:00
Bob Mottram a81a98eb53 Wait longer 2018-02-11 23:00:55 +00:00
Bob Mottram d0d46a8b76 Reload sysctl 2018-02-11 22:55:55 +00:00
Bob Mottram 218875928e Remove bdsmail if previously installed 2018-02-11 22:48:07 +00:00
Bob Mottram 76e56cd85e Message order 2018-02-11 22:43:00 +00:00
Bob Mottram 561a74c846 Remove i2p share directory 2018-02-11 22:40:33 +00:00
Bob Mottram bb18a8c9be Better handling of install failure 2018-02-11 22:34:17 +00:00
Bob Mottram 81810058a9 restart 2018-02-11 22:27:31 +00:00
Bob Mottram 98f460273c Additional waits 2018-02-11 22:24:53 +00:00
Bob Mottram 5b7c64a655 Weird typo 2018-02-11 22:20:54 +00:00
Bob Mottram 862aacf876 Wait for bdsmail initialisation 2018-02-11 22:18:46 +00:00
Bob Mottram 935fc2234f Too many makes 2018-02-11 22:10:52 +00:00
Bob Mottram 2ba7792ebb add bdsmail app 2018-02-11 22:08:12 +00:00
Bob Mottram 637647e207 Remove directories if they exist 2018-02-11 19:41:55 +00:00
Bob Mottram 6a54a30e50 Enable ipv6 when i2p is installed 2018-02-11 19:38:05 +00:00
Bob Mottram 1e687aa54f i2p utilities 2018-02-11 13:44:17 +00:00
Bob Mottram a8f6cd320f Bump go version 2018-02-11 12:14:25 +00:00
Bob Mottram a3579562a0 Redundant command 2018-02-11 12:11:16 +00:00
Bob Mottram b6ea8db5c6 Drop the database and its owner 2018-02-11 12:06:08 +00:00
Bob Mottram 09759b7da5 Changing peertube signup state 2018-02-11 11:54:06 +00:00
Bob Mottram e17238eed8 Shenanigans with the admin email address for peertube
If you define it when the config file is created then it doesn't subsequently allow you to signup a user with the same email
2018-02-11 11:42:50 +00:00
Bob Mottram 69f90f1214 Not using a conventional email address in the peertube admin setting prevents it from installing 2018-02-11 10:41:42 +00:00
Bob Mottram f6960ccba0 peertube config 2018-02-10 20:42:53 +00:00
Bob Mottram 9eb9e7f46c Add architecture 2018-02-10 20:11:47 +00:00
Bob Mottram 43b5121aa0 Revert recent peertube changes 2018-02-10 20:07:50 +00:00
Bob Mottram abd7011b70 No peertube stop script 2018-02-09 21:25:44 +00:00
Bob Mottram f5cea90040 More peertube fixes 2018-02-09 21:02:28 +00:00
Bob Mottram 21614bece9 Switch path during upgrades 2018-02-09 15:43:19 +00:00
Bob Mottram 1ed1a4a56d Switching paths 2018-02-09 15:37:37 +00:00
Bob Mottram 0f13d6b12d no alias 2018-02-09 15:32:04 +00:00
Bob Mottram 161ca39a89 Missing command 2018-02-09 15:24:35 +00:00
Bob Mottram 12b95f0e76 Try building peertube locally with a recent node version 2018-02-09 15:20:34 +00:00
Bob Mottram 45ade39c80 Include architecture 2018-02-09 12:42:43 +00:00
Bob Mottram f748e86c63 Bump peertube commit 2018-02-09 12:10:35 +00:00
Bob Mottram ca34c422a9 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-09 11:49:40 +00:00
Bob Mottram 3ae075475f Commas 2018-02-08 17:03:33 +00:00
Bob Mottram fb4ae026d1 bump pleroma commit to fix Agent problem with chat 2018-02-08 15:23:06 +00:00
Bob Mottram 223ebddeaa Ensure that elixir gets updated 2018-02-08 14:51:17 +00:00
Bob Mottram 4987bba4a0 Restart pleroma daemon after restore 2018-02-08 12:33:34 +00:00
Bob Mottram efa147b2c5 Update pleroma after restore 2018-02-08 12:31:25 +00:00
Bob Mottram 2962ae0575 Remove previous emoji file on upgrade 2018-02-08 12:25:40 +00:00
Bob Mottram e17aebfa11 Ensure that custom pleroma emoji don't get lost during upgrade 2018-02-08 12:20:25 +00:00
Bob Mottram ed9b8f77cf Prevent the pleroma logo from getting overwritten during upgrades 2018-02-08 11:29:59 +00:00
Bob Mottram 2374a4f746 Prevent the pleroma background from getting overwritten during upgrades 2018-02-08 11:25:08 +00:00
Bob Mottram 63416610d9 Restore config before recompiling pleoma 2018-02-08 11:12:23 +00:00
Bob Mottram 8790ec7ebb Ensure that the pleroma config doesn't get overwritten during upgrades 2018-02-08 11:07:53 +00:00
Bob Mottram 02598e7885 More efficient pleroma blocking script. This runs three queries instead of multiple queries per block 2018-02-08 10:49:16 +00:00
Bob Mottram 2d19a3d187 Revert "Format as fat32"
This reverts commit 8e3b80c4b2.
2018-02-07 22:55:27 +00:00
Bob Mottram 8e3b80c4b2 Format as fat32
This goes up to 2TB of backup storage, so should be adequate There appears to be a problem with formatting some USB drives as ext4 with LUKS. This might be because the onboard flash controller is specialized for fat and nothing else
2018-02-07 22:05:17 +00:00
Bob Mottram 8d4dd741ed Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-07 11:06:42 +00:00
Bob Mottram 9cad105d3c Double backslash 2018-02-07 10:51:27 +00:00
Bob Mottram 8e9fcb6ee2 Multi-line 2018-02-07 10:50:17 +00:00
Bob Mottram dce6fca556 More examples 2018-02-07 10:48:03 +00:00
Bob Mottram 3788bd3ae6 Optional function 2018-02-07 10:29:37 +00:00
Bob Mottram 8b6aff32a8 Not ready to go 2018-02-07 10:27:50 +00:00
Bob Mottram f74db8a922 Documentation including internal port 2018-02-07 10:17:23 +00:00
Bob Mottram 08a14be3f6 Internal port 2018-02-07 10:13:29 +00:00
Bob Mottram a4cd59a1df Double quotes 2018-02-07 10:06:41 +00:00
Bob Mottram cc3510e080 Matrix room 2018-02-06 22:30:44 +00:00
Bob Mottram 4abab0104a Tidying on multiple lines 2018-02-06 22:00:15 +00:00
Bob Mottram 511a8c1683 Document use of the template command 2018-02-06 21:56:15 +00:00
Bob Mottram 2d078653bb manpage for freedombone-template 2018-02-06 21:43:28 +00:00
Bob Mottram 4e963d5106 Conversion to upper case 2018-02-06 20:12:03 +00:00
Bob Mottram 666c2b1cb5 If daemon is specified then use proxy_pass 2018-02-06 19:46:50 +00:00
Bob Mottram a7e550ebc5 Optional install directory 2018-02-06 19:36:51 +00:00
Bob Mottram cc6ffc6c41 Nextcloud 13 2018-02-06 19:16:45 +00:00
Bob Mottram 2ba896eaa8 option to add daemon 2018-02-06 19:08:07 +00:00
Bob Mottram 82dabcaf05 Remove daemon if one is present 2018-02-06 18:46:47 +00:00
Bob Mottram 190d60d448 Support for apps only on onion addresses 2018-02-06 18:39:49 +00:00
Bob Mottram 51ceb967a5 port within app script generator 2018-02-06 18:21:35 +00:00
Bob Mottram 7a882b93e7 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-06 15:43:32 +00:00
Bob Mottram 17395a0b3c Retire the riot logo 2018-02-06 15:42:17 +00:00
Bob Mottram d29959d363 Moving is quicker 2018-02-06 14:56:50 +00:00
Bob Mottram 7f3d87617f update pleroma expire scripts 2018-02-06 14:31:53 +00:00
Bob Mottram b706fdba11 Keep avatar images when expiring posts 2018-02-06 14:28:52 +00:00
Bob Mottram 3f8fbf093c postgres query with output 2018-02-06 14:04:36 +00:00
Bob Mottram 6d3eb6b486 Template command for creating apps 2018-02-05 23:54:10 +00:00
Bob Mottram 3bb1002538 Enable gpg-agent for users 2018-02-05 15:42:43 +00:00
Bob Mottram 5f9fdcb159 Tidying 2018-02-05 14:57:38 +00:00
Bob Mottram 6d541dc780 Fix some gpg permissions which otherwise prevent searching for keys 2018-02-05 14:55:01 +00:00
Bob Mottram 82645af71a Different from current user 2018-02-05 13:01:54 +00:00
Bob Mottram 0da7162f90 su only needed for root 2018-02-05 12:59:28 +00:00
Bob Mottram 66b8734b0c Setup gpg agent 2018-02-05 12:56:41 +00:00
Bob Mottram 00429b3989 Fixing broken gpg key search 2018-02-05 10:14:00 +00:00
Bob Mottram 3aacf66e30 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-04 22:54:20 +00:00
Bob Mottram c8ee6129d0 Create ghost config file 2018-02-04 22:53:50 +00:00
Bob Mottram e70e03e87e Video suggestion 2018-02-04 21:22:26 +00:00
Bob Mottram b9050b9b2f Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-04 21:11:39 +00:00
Bob Mottram 07d458d75b Home link 2018-02-04 21:11:15 +00:00
Bob Mottram 1395301121 Link to support page from index 2018-02-04 21:09:47 +00:00
Bob Mottram bc9038d39d Add matrix to support document 2018-02-04 21:06:46 +00:00
Bob Mottram bb9124c374 Update documentation for setting mailpile password 2018-02-03 20:21:19 +00:00
Bob Mottram c51b6f18cd Update mailpile setup image 2018-02-03 19:51:57 +00:00
Bob Mottram 7b00d50303 Only change if cert file exists 2018-02-03 19:26:31 +00:00
Bob Mottram 6598b068b7 Only use letsencrypt if not in onion only 2018-02-03 19:24:24 +00:00
Bob Mottram aebf5e5058 Use letsencrypt with dovecot 2018-02-03 19:22:46 +00:00
Bob Mottram 853b1a90cf Bump mailpile commit 2018-02-03 17:54:10 +00:00
Bob Mottram 92bf79c545 Remove google links from edith app 2018-02-03 11:42:00 +00:00
Bob Mottram a52d446a95 edith notes image 2018-02-02 20:48:21 +00:00
Bob Mottram 3052262b70 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-02 17:01:50 +00:00
Bob Mottram eed3f511d1 Selected app 2018-02-02 16:22:33 +00:00
Bob Mottram 467f6c22ab Try to obtain domain name from config file 2018-02-02 16:16:48 +00:00
Bob Mottram 4a852d5bab Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-02 15:22:07 +00:00
Bob Mottram 642ddc47f9 More width on password entry to show longer onion address 2018-02-02 15:08:33 +00:00
Bob Mottram c6ce601187 Documentation for edith app 2018-02-02 14:55:44 +00:00
Bob Mottram 201a907a87 Registered editors 2018-02-02 13:40:06 +00:00
Bob Mottram 53e728fe78 Include edith repo in images 2018-02-02 13:32:40 +00:00
Bob Mottram 84476be49b Default to login with edith notes 2018-02-02 13:29:46 +00:00
Bob Mottram 98701b259c Remove restricts 2018-02-02 13:10:22 +00:00
Bob Mottram ea38e19368 Change try files 2018-02-02 13:09:20 +00:00
Bob Mottram 3536b50552 Remove the hidden service version line when removing onion addresses 2018-02-02 12:55:11 +00:00
Bob Mottram 346dfbb0cc Create onion site later 2018-02-02 12:27:42 +00:00
Bob Mottram a8165e801d Extra removal code for edith 2018-02-02 12:21:59 +00:00
Bob Mottram 1c063ee4df Remove directory if it exists 2018-02-02 11:55:10 +00:00
Bob Mottram 1fbe08647a Ensure that clone happens 2018-02-02 11:53:10 +00:00
Bob Mottram 4f85a93b32 No hyphen 2018-02-02 11:49:25 +00:00
Bob Mottram c6e9f60c13 edith notes app 2018-02-02 11:46:09 +00:00
Bob Mottram 0b00db2cd3 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-02-01 15:06:55 +00:00
Bob Mottram 13faa6707f Remove any old lock files 2018-02-01 15:05:23 +00:00
Bob Mottram d8bd3eeeff Reduce pleroma blocking script frequency to 1 min 2018-02-01 14:47:48 +00:00
Bob Mottram 1dd303da3d Add a lock file to the pleroma blocking script 2018-02-01 14:47:15 +00:00
Bob Mottram 7e650ecc9b Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-31 20:33:28 +00:00
Bob Mottram 1a8d9bedfb install kpartx on debian 2018-01-31 20:31:37 +00:00
Bob Mottram 860daf29c6 install-mbr accessible via usr/bin 2018-01-31 20:26:23 +00:00
Bob Mottram 8cf30c1318 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-31 09:01:53 +00:00
Bob Mottram 6f3d90c95e avahi service for dlna 2018-01-30 14:40:37 +00:00
Bob Mottram f51f3ebc01 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-30 11:49:05 +00:00
Bob Mottram f791741436 xmpp-server avahi service 2018-01-30 11:36:32 +00:00
Bob Mottram 66321c57e8 xmpp avahi service filename 2018-01-30 11:33:47 +00:00
Bob Mottram 23fc305fb2 Add avahi service for matrix 2018-01-30 11:32:11 +00:00
Bob Mottram 9f78c7df9f Consolidate avahi service for xmpp 2018-01-30 10:37:02 +00:00
Bob Mottram d209033b9a Add avahi service for turn 2018-01-30 10:32:30 +00:00
Bob Mottram 0d4294ff57 Add xmpp to avahi services 2018-01-30 10:18:03 +00:00
Bob Mottram e460b617dd Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-29 23:17:06 +00:00
Bob Mottram 0ac2d76322 Single 2018-01-29 23:16:27 +00:00
Bob Mottram 5d0701c6ff Restart tor daemon after upgrade 2018-01-29 22:44:36 +00:00
Bob Mottram 56887a0db2 Pleroma commit before Agent added 2018-01-29 22:10:20 +00:00
Bob Mottram 2c7e4df3de Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-29 15:19:09 +00:00
Bob Mottram f3ce14c385 mobile format onion address 2018-01-29 14:57:18 +00:00
Bob Mottram 8a6154376b mobile onion address format 2018-01-29 14:52:43 +00:00
Bob Mottram 0bb5eb9ce6 Showing mobile rss address 2018-01-29 14:50:32 +00:00
Bob Mottram 9822f9f9c7 Completion parameter not needed 2018-01-29 14:47:30 +00:00
Bob Mottram 3280d9dd4d Tor traffic is per month 2018-01-29 14:07:09 +00:00
Bob Mottram 1cc92c9359 Additional v3 onion conversions 2018-01-29 12:18:24 +00:00
Bob Mottram f0814c1b45 Stick with v2 onion addresses for xmpp
The prosody onions module probably will need changes to handle the v3 addresses
2018-01-29 12:08:23 +00:00
Bob Mottram 36f655af5f New onion address for freedombone site 2018-01-29 10:20:50 +00:00
Bob Mottram 25b900abb1 Next generation onion addresses 2018-01-29 10:12:15 +00:00
Bob Mottram 00e04a46f4 Don't need backslashes 2018-01-26 18:43:26 +00:00
Bob Mottram e8904fec28 Note about riot messages in group chats 2018-01-26 16:35:14 +00:00
Bob Mottram 3bb6785574 Install free firmware for atheros usb driver 2018-01-26 15:44:58 +00:00
Bob Mottram 874efc080f Change how atheros wifi drivers get installed 2018-01-26 14:15:32 +00:00
Bob Mottram 52deb018d4 Deprecate librevault. The project looks dead 2018-01-25 19:44:03 +00:00
Bob Mottram f85c6a9b5b Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-25 18:36:03 +00:00
Bob Mottram ee1330f442 Update year 2018-01-25 18:35:39 +00:00
Bob Mottram a56fade1d5 Remove temporary files after use 2018-01-25 17:04:25 +00:00
Bob Mottram 76d24b01cd Recommended pleroma nginx config 2018-01-25 14:57:14 +00:00
Bob Mottram a89024596c keep torrc configuration 2018-01-25 12:20:53 +00:00
Bob Mottram 32d52faf9f Install tor daemon from backports 2018-01-25 12:17:37 +00:00
Bob Mottram 09a68c7a28 Notes 2018-01-25 11:40:19 +00:00
Bob Mottram b0d728107e Include prosody exception in lockdown 2018-01-25 11:05:05 +00:00
Bob Mottram 622b3af99f Make an exception for prosody 2018-01-25 11:00:43 +00:00
Bob Mottram 9dcb09580d Make an exception for prosody 2018-01-25 10:56:30 +00:00
Bob Mottram a22743f3fb Unmount on failure 2018-01-24 17:09:35 +00:00
Bob Mottram b20eec16df Check that database backup exists 2018-01-24 17:03:14 +00:00
Bob Mottram 57cc40019d restore database test 2018-01-24 16:32:31 +00:00
Bob Mottram a14ac0ff82 Deprecate obnam backup functions 2018-01-24 15:58:03 +00:00
Bob Mottram 268c1dfc8a Get mariadb password when restoring ttrss 2018-01-24 15:46:52 +00:00
Bob Mottram 48a8db2053 Fixing ttrss backup and restore 2018-01-24 15:36:29 +00:00
Bob Mottram 0b606c06d2 Create directories when restoring rss 2018-01-24 15:18:52 +00:00
Bob Mottram 8abeb56bea Deprecate smilodon 2018-01-23 21:52:55 +00:00
Bob Mottram 44fcd44d39 Retire the mesh option from the freedombone-client command
This is no longer the way that the mesh system is intended to be used
2018-01-23 21:05:21 +00:00
Bob Mottram 1297c3db1c Log in after install 2018-01-23 20:50:58 +00:00
Bob Mottram 590ac1a45c menuconfig 2018-01-23 19:33:59 +00:00
Bob Mottram 76432f7c19 menuconfig 2018-01-23 19:32:18 +00:00
Bob Mottram 433e366b17 Move to postgresql directory when doing backups 2018-01-23 14:58:43 +00:00
Bob Mottram b972805e67 Permissions on npm directory 2018-01-23 12:36:21 +00:00
Bob Mottram f42d66c868 More explanation 2018-01-23 10:28:13 +00:00
Bob Mottram 079fb21212 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-22 18:51:01 +00:00
Bob Mottram f724959e98 Run at a lower frequency to avoid occupying the database too much 2018-01-22 18:50:27 +00:00
Bob Mottram b6f010e491 Don't send pleroma posts to blocked instances 2018-01-22 18:38:37 +00:00
Bob Mottram 164d7ae98d Back to i min blocking updates 2018-01-22 10:52:23 +00:00
Bob Mottram 77c21beb58 Leave notifications alone, they will expire anyway 2018-01-22 10:50:12 +00:00
Bob Mottram af2b593777 backslash 2018-01-22 10:43:57 +00:00
Bob Mottram de8bacd3c2 Remove notifications for blocked users 2018-01-22 10:41:30 +00:00
Bob Mottram 1f7ed83d09 Block within users table 2018-01-22 10:12:14 +00:00
Bob Mottram 1575cd5813 Block on more fields 2018-01-22 09:53:17 +00:00
Bob Mottram 8afe110663 Include to field in pleroma blocking 2018-01-22 09:43:17 +00:00
Bob Mottram 999b506fe2 root directory 2018-01-21 18:34:08 +00:00
Bob Mottram 1702ba5a4a Run pleroma blocking script after firewall entry 2018-01-21 18:01:21 +00:00
Bob Mottram ab2cba8075 pleroma blocking script 2018-01-21 17:56:39 +00:00
Bob Mottram 4cbd1cce34 Restoring lychee from backup 2018-01-21 12:02:13 +00:00
Bob Mottram 5d0e497c10 Bump koel commit 2018-01-21 11:50:49 +00:00
Bob Mottram 523d16ca1d Change site onion address 2018-01-21 11:16:43 +00:00
Bob Mottram 50e0022753 Mumble advice 2018-01-21 11:02:03 +00:00
Bob Mottram e05dfbb27c Check for fullchain 2018-01-21 10:32:55 +00:00
Bob Mottram 88548b1a56 mumble certs on install 2018-01-21 10:28:17 +00:00
Bob Mottram 173bdebbfa domain name variable for mumble 2018-01-21 10:19:28 +00:00
Bob Mottram 541639cc9e Update mumble certs during upgrades 2018-01-21 10:18:25 +00:00
Bob Mottram 0ddebf4dc3 Separate out mumble. It doesn't need to depend on prosody being installed 2018-01-21 10:15:20 +00:00
Bob Mottram fa493156d4 prosody modules in two directories 2018-01-21 10:12:32 +00:00
Bob Mottram 980320f9e5 Only copy prosody modules if the directory exists 2018-01-21 10:10:43 +00:00
Bob Mottram d22c6e7608 Scope 2018-01-21 10:07:21 +00:00
Bob Mottram a5eb051bbf Ensure letsencrypt certs are used where appropriate 2018-01-21 09:58:16 +00:00
Bob Mottram e42c276dd7 Upgrade prosody certs when possible 2018-01-21 00:09:20 +00:00
Bob Mottram 1197ace0c9 Simplify expire script 2018-01-20 22:27:35 +00:00
Bob Mottram 9275a6ab84 typo 2018-01-20 22:23:37 +00:00
Bob Mottram 4044e18f22 Checking of months on pleroma expiry script 2018-01-20 22:20:30 +00:00
Bob Mottram 58de604cb4 Simpler pleroma expire script 2018-01-20 22:14:00 +00:00
Bob Mottram 0fff1bd21b Don't close twice 2018-01-20 21:44:36 +00:00
Bob Mottram 9136a7a2f9 Add php postgres module 2018-01-20 21:27:50 +00:00
Bob Mottram 3e9a62703e Also read months 2018-01-20 21:11:45 +00:00
Bob Mottram 05f195ac99 Expiry of pleroma posts 2018-01-20 21:09:25 +00:00
Bob Mottram 1adc1264f3 hostname 2018-01-20 18:36:58 +00:00
Bob Mottram 61aef304fe Convert tripwire key filenames 2018-01-20 18:34:09 +00:00
Bob Mottram c9ee053494 Back to hostname 2018-01-20 18:30:26 +00:00
Bob Mottram ff55d42e29 Use project name 2018-01-20 18:25:29 +00:00
Bob Mottram 22198a7f5f riot config filename 2018-01-20 13:36:18 +00:00
Bob Mottram 7b1e6b2df8 Remove bad links from riot 2018-01-20 13:13:31 +00:00
Bob Mottram b72da11f6c Restore of syncthing users 2018-01-20 10:34:08 +00:00
Bob Mottram 7ab85b55d2 Sometimes there is no shared data to restore 2018-01-20 10:21:38 +00:00
Bob Mottram 4bfd152772 Missing modifiers 2018-01-20 10:10:07 +00:00
Bob Mottram a4e25d5dc0 Avoid stig failures when installing xmpp 2018-01-20 09:58:43 +00:00
Bob Mottram 544385a60c Ghost backup and restore when database is in the current subdirectory 2018-01-19 22:04:27 +00:00
Bob Mottram 43516f1144 Restoring ghost 2018-01-19 21:41:51 +00:00
Bob Mottram 940101b74c More directory creations on restore 2018-01-19 17:31:16 +00:00
Bob Mottram 23e52b615d Restoring user config 2018-01-19 17:22:22 +00:00
Bob Mottram b19479e7df Revert "Use atheros wifi package"
This reverts commit 5814c386c1.
2018-01-19 14:33:39 +00:00
Bob Mottram 5814c386c1 Use atheros wifi package 2018-01-19 14:23:24 +00:00
Bob Mottram 871a4f6cad Detect ipv6 addresses 2018-01-19 12:36:04 +00:00
Bob Mottram e29fe7b88b Increase image size 2018-01-18 18:16:23 +00:00
Bob Mottram 9e33044b77 Increase size of meshclient image 2018-01-18 18:12:28 +00:00
Bob Mottram e22ae06746 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-18 17:29:50 +00:00
Bob Mottram 3712ca79a7 Switch ipv4 to ipv6 when creating ipfs boostraps 2018-01-18 17:29:03 +00:00
Bob Mottram 8188fbea23 Mention other mesh protocols 2018-01-17 23:49:58 +00:00
Bob Mottram 388c90c692 Update mesh desktop image 2018-01-17 21:37:58 +00:00
Bob Mottram c5d907da5b Fixing mesh protocol switching 2018-01-17 18:56:47 +00:00
Bob Mottram 5f16e3eac1 Double quotes 2018-01-17 17:16:43 +00:00
Bob Mottram 4e77ed90b4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-17 14:41:21 +00:00
Bob Mottram 9dccf8395c Remove 2018-01-17 14:40:21 +00:00
Bob Mottram 246ecc6c96 Mesh firewall for babel protocol 2018-01-17 13:59:59 +00:00
Bob Mottram 0ef31c4005 Use device parameter 2018-01-17 13:47:36 +00:00
Bob Mottram 714675ed0e stop babel 2018-01-17 13:44:57 +00:00
Bob Mottram 3d52e70630 Add babel mesh routing protocol 2018-01-17 13:42:40 +00:00
Bob Mottram 97f9e3e3e2 remove avahi service for ssh on mesh peers 2018-01-17 12:09:46 +00:00
Bob Mottram 2c1c2e5c72 Show mesh routing icon even when there are no peers 2018-01-17 12:08:08 +00:00
Bob Mottram 90cab772f3 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-17 08:59:33 +00:00
Bob Mottram e60eb5cbd0 Change mesh protocol within avahi service 2018-01-17 08:58:23 +00:00
Bob Mottram 07d43725f9 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-16 22:55:05 +00:00
Bob Mottram 699c2dca51 Don't need remove 2018-01-16 22:54:37 +00:00
Bob Mottram 771f9388ec Don't need ssh avahi service on mesh 2018-01-16 22:54:03 +00:00
Bob Mottram 91aad446f5 More helpful text 2018-01-16 22:44:47 +00:00
Bob Mottram 4e6e431169 quotes 2018-01-16 22:37:40 +00:00
Bob Mottram 5648acd148 Remove avahi ssh on mesh 2018-01-16 22:19:04 +00:00
Bob Mottram d3b6f087e7 Remove routing icon if not connected 2018-01-16 20:01:38 +00:00
Bob Mottram 720134ebc5 Mesh routing protocol desktop icon 2018-01-16 20:00:04 +00:00
Bob Mottram 156fd29799 ssh isn't usually available on mesh peers 2018-01-16 16:21:28 +00:00
Bob Mottram 256e01647a broadcast the mesh routing protocol on avahi 2018-01-16 16:12:12 +00:00
Bob Mottram 9e2d2df552 olsr2 simple daemon 2018-01-16 15:24:06 +00:00
Bob Mottram 9bd45f495b olsr2/manet firewall 2018-01-16 15:22:33 +00:00
Bob Mottram be89e042c9 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-16 13:27:10 +00:00
Bob Mottram ff13caac42 Missing rootdir 2018-01-16 13:26:15 +00:00
Bob Mottram 48cc9c3782 batman status 2018-01-16 13:11:10 +00:00
Bob Mottram 4b9075738b Adding mesh support for OLSR2 2018-01-16 12:35:18 +00:00
Bob Mottram ae4e3cd019 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-16 11:25:56 +00:00
Bob Mottram f0e7f97ce4 i386 package needed on amd64 2018-01-16 11:15:53 +00:00
Bob Mottram 1506003965 libc package name on debian 2018-01-16 11:07:49 +00:00
Bob Mottram a817de0d3b Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-16 10:12:07 +00:00
Bob Mottram f657b2f8b0 Update debian script hash 2018-01-16 10:03:23 +00:00
Bob Mottram e6c06c87f3 Add debian package for setup 2018-01-16 09:58:49 +00:00
Bob Mottram c5de5d207c sed character formatting 2018-01-16 09:56:13 +00:00
Bob Mottram 5a8d519a6a pleroma frontend commit 2018-01-15 21:35:41 +00:00
Bob Mottram 4e2a292021 Re-include pleroma 2018-01-15 20:48:59 +00:00
Bob Mottram e7cbcd20b7 Mention mesh network protocols 2018-01-15 20:18:47 +00:00
Bob Mottram e292a4537a cat 2018-01-15 17:48:19 +00:00
Bob Mottram 3e841881be Disable bmx after stop 2018-01-15 14:31:07 +00:00
Bob Mottram 3559682fcd Default to bmx6 on mesh. It looks more stable 2018-01-15 14:15:09 +00:00
Bob Mottram 8fd134ed2a Update bmx devices within daemons 2018-01-15 14:11:23 +00:00
Bob Mottram 4d21771969 Create default mesh protocol file if needed 2018-01-15 13:35:53 +00:00
Bob Mottram c4a284abb1 Fix mesh protocol condition 2018-01-15 13:35:10 +00:00
Bob Mottram 9301df8b4a Include bmx status within batman status command 2018-01-15 13:34:06 +00:00
Bob Mottram c3e4cdf708 mesh firewall not limited to a particular interface 2018-01-15 13:25:12 +00:00
Bob Mottram e581c487ea Tidying 2018-01-15 13:23:45 +00:00
Bob Mottram 390c1c6a44 mesh protocol is bmx6 or 7 with default of 7 2018-01-15 13:15:35 +00:00
Bob Mottram 0cc405b215 mesh avahi settings 2018-01-15 12:54:46 +00:00
Bob Mottram 5b8cc8d6a8 Deprecate avahi-autoipd 2018-01-15 12:29:06 +00:00
Bob Mottram fd34c17159 Use abbreviated bmx status commands 2018-01-14 22:45:23 +00:00
Bob Mottram 357d07d55b Use traceroute for bmx pings 2018-01-14 22:34:28 +00:00
Bob Mottram 6dbcf2ab2f Add traceroute for mesh testing 2018-01-14 22:31:26 +00:00
Bob Mottram 73b18fcf9e bmx status command 2018-01-14 15:45:03 +00:00
Bob Mottram a4e2c48a9e mesh wifi interface independent firewall settings 2018-01-14 12:38:01 +00:00
Bob Mottram 94d1fb3963 Additional mesh ipv6 firewall configuration 2018-01-14 12:36:04 +00:00
Bob Mottram 8ddf551bc7 xz settings 2018-01-14 11:36:45 +00:00
Bob Mottram ab2ba6a0eb More archive cleaning during mesh image creation 2018-01-13 23:23:11 +00:00
Bob Mottram 3f651ae37e More ipv6 support within the mesh firewall 2018-01-13 22:25:29 +00:00
Bob Mottram b7d98140ff bmx ping options 2018-01-13 21:28:37 +00:00
Bob Mottram afc7d2c5b5 ipv6 icmp on mesh 2018-01-13 21:19:22 +00:00
Bob Mottram 69bf2faf37 4 2018-01-13 21:04:02 +00:00
Bob Mottram 945e703a8d avahi on ipv6 on bmx 2018-01-13 21:02:45 +00:00
Bob Mottram 6a82784932 No autoipd on bmx 2018-01-13 20:57:38 +00:00
Bob Mottram 06952d9137 Rate limit for ipv6 2018-01-13 20:18:58 +00:00
Bob Mottram 1efce6f173 mesh firewall allows ipv6 2018-01-13 20:03:46 +00:00
Bob Mottram d4f4bfb5dc Quieten down 2018-01-13 19:13:30 +00:00
Bob Mottram 5b276e3cfb 7 2018-01-13 17:35:51 +00:00
Bob Mottram ea3b956829 Add bmx7 mesh protocol 2018-01-13 17:35:09 +00:00
Bob Mottram aed270fc61 Switch bmx6 repo 2018-01-13 12:59:06 +00:00
Bob Mottram 4b19fc06ea Stopping mesh protocol before starting another 2018-01-13 11:36:50 +00:00
Bob Mottram 73dd40180a Placeholder 2018-01-13 11:27:09 +00:00
Bob Mottram f7dca26bd3 utils should only contain functions 2018-01-13 10:11:10 +00:00
Bob Mottram e3627b666f Experimental bmx6 on mesh 2018-01-12 22:18:23 +00:00
Bob Mottram 6bb4f759e0 Note about keybase.io on the faq 2018-01-11 20:57:43 +00:00
Bob Mottram 118c03d3cb Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-11 20:26:58 +00:00
Bob Mottram f410d0a13f Retire support for keybase.io gpg version 2.x doesn't appear to work well with it, but beyond that there's the really concerning issue that the site asks users to upload their *private keys*. Even if the private keys are client side passphrase encrypted this gives that site a full time opportunity to crack private keys. Even if they don't so that, a leak happens and suddenly letter agencies have your private key. Not a good way to go. 2018-01-11 20:26:27 +00:00
Bob Mottram e3deced621 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-11 14:23:43 +00:00
Bob Mottram 2a7e6c323d Getting the gpg key from an email address also checks gpg config for default-key 2018-01-11 14:15:09 +00:00
Bob Mottram 9927969e39 More separation between keys 2018-01-11 13:50:51 +00:00
Bob Mottram 37198e1696 Show the correct gpg fingerprint if a default-key was specified 2018-01-11 13:35:50 +00:00
Bob Mottram 07bca1fc2f Use the default gpg key if specified within the config file 2018-01-11 13:32:25 +00:00
Bob Mottram 1feb529b86 Install datboi within the scuttlebot app 2018-01-11 10:27:43 +00:00
Bob Mottram b015720228 Add datboi to mesh 2018-01-11 10:24:50 +00:00
Bob Mottram 957065483a Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-10 22:27:44 +00:00
Bob Mottram 0f9e185c77 Missing bracket 2018-01-10 22:25:44 +00:00
Bob Mottram d5526731f1 Missing bracket 2018-01-10 22:24:43 +00:00
Bob Mottram 873828d00a privatebin documentation 2018-01-10 22:22:47 +00:00
Bob Mottram ba582e17bf More privatebin traffic limiting 2018-01-10 21:48:44 +00:00
Bob Mottram c7016e9166 Purge on every paste 2018-01-10 21:44:08 +00:00
Bob Mottram b91c3fe8cd There's no limit 2018-01-10 21:41:59 +00:00
Bob Mottram f2018a8466 Language default 2018-01-10 21:39:30 +00:00
Bob Mottram 28d7a0fa2f Write permissions to data directory 2018-01-10 21:36:50 +00:00
Bob Mottram 8651acb169 Lower case 2018-01-10 21:25:04 +00:00
Bob Mottram 0c99738e51 Install mcrypt for privatebin 2018-01-10 21:24:43 +00:00
Bob Mottram 86ac7e00a9 Install libsodium for privatebin 2018-01-10 21:17:00 +00:00
Bob Mottram b7cc771576 privatebin dialog tweaks 2018-01-10 21:11:49 +00:00
Bob Mottram 06ea80e363 privatebin dialog tweaks 2018-01-10 21:08:24 +00:00
Bob Mottram 105384c3c4 Include privatebin within images 2018-01-10 21:02:06 +00:00
Bob Mottram ace52490ab privatebin app 2018-01-10 21:00:56 +00:00
Bob Mottram 6bbd1ef5fd Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-10 14:37:40 +00:00
Bob Mottram 371b5d0f6e Deprecate Pleroma backend due to off-site dependency 2018-01-10 14:25:22 +00:00
Bob Mottram 077a02818e Tidying 2018-01-09 19:51:20 +00:00
Bob Mottram ef2a5ca038 Comment out import 2018-01-09 19:34:14 +00:00
Bob Mottram 1d7888894f Revert "Move pleroma to production config"
This reverts commit 0982180705.
2018-01-09 19:03:49 +00:00
Bob Mottram 0982180705 Move pleroma to production config 2018-01-09 18:19:28 +00:00
Bob Mottram 5fc93dfe25 Try another pleroma commit, before Agent is added to chat_channel.ex 2018-01-09 15:05:23 +00:00
Bob Mottram 139696d527 Try the last pleroma commit before chat is added 2018-01-09 13:00:56 +00:00
Bob Mottram 061cc50c9f Revert commit 2018-01-09 11:13:46 +00:00
Bob Mottram 9de25b9bc7 More pleroma checks 2018-01-09 10:37:24 +00:00
Bob Mottram ac4e4febf4 No longer true 2018-01-08 19:13:59 +00:00
Bob Mottram 99bc83ac89 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-08 19:13:02 +00:00
Bob Mottram 61341e106a Improving ghost install 2018-01-08 17:09:05 +00:00
Bob Mottram c1ed8a4747 Check that ghost cli gets installed 2018-01-08 12:50:13 +00:00
Bob Mottram ce85662f90 Change how ghost is installed and limit to 1Gb+ RAM 2018-01-07 21:49:36 +00:00
Bob Mottram a6e2b54950 Placeholder web user interface 2018-01-07 14:47:43 +00:00
Bob Mottram b77f10f737 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-07 12:14:25 +00:00
Bob Mottram 1cea492656 Ownership permissions on lockdown of letsencrypt 2018-01-07 12:09:16 +00:00
Bob Mottram f6f6b29071 Show non-compliant library files 2018-01-07 11:26:30 +00:00
Bob Mottram 45e70c80f2 Show non-compliant library files 2018-01-07 11:22:47 +00:00
Bob Mottram 676fb374e2 Add onion address for jabber.cat 2018-01-07 10:48:41 +00:00
Bob Mottram 41e2dbdccc Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-06 17:11:06 +00:00
Bob Mottram cebc7aa5dc Don't use hashing for etherpad passwords. They're still somewhat defended by TLS or onion encryption The previous bcrypt hash no longer works 2018-01-06 17:06:13 +00:00
Bob Mottram cf1ea58e44 Bump etherpad commit 2018-01-06 16:16:16 +00:00
Bob Mottram 2fe82b63ba Certificate permissions for etherpad 2018-01-06 15:39:39 +00:00
Bob Mottram 9b48dab929 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-06 14:22:23 +00:00
Bob Mottram bb48a6df61 Use correct rootdir when installing nodejs 2018-01-06 14:20:21 +00:00
Bob Mottram 530bece40a Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-05 22:02:05 +00:00
Bob Mottram a4fae48858 Restoring fedwiki password 2018-01-05 21:51:58 +00:00
Bob Mottram 1834784191 Shorter password is easier to copy and paste 2018-01-05 21:39:19 +00:00
Bob Mottram 6ee54cde6f Federated wiki documentation 2018-01-05 21:25:27 +00:00
Bob Mottram 2cc5b6987e Enable font-awesome with fedwiki 2018-01-05 18:38:00 +00:00
Bob Mottram 316fd0d317 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-05 15:55:14 +00:00
Bob Mottram 2805ec45a7 certificate not certkey 2018-01-05 15:46:26 +00:00
Bob Mottram 2db60740d6 Unfortunately, copying of tls keys for exim seems like the only option 2018-01-05 15:18:07 +00:00
Bob Mottram e9015ac426 Changing fedwiki password 2018-01-04 18:51:55 +00:00
Bob Mottram 7a8d22a62f Shorter cookie 2018-01-04 18:48:21 +00:00
Bob Mottram 710a34d15e Cookiesecret last 2018-01-04 18:45:39 +00:00
Bob Mottram 7d5724e082 Re-enable fedwiki for another test 2018-01-04 18:43:56 +00:00
Bob Mottram fe625559de Don't need separate omemo prosody module 2018-01-04 16:56:29 +00:00
Bob Mottram d514414ff9 Update prosody modules 2018-01-04 16:55:15 +00:00
Bob Mottram a01b116b93 Don't defrag 2018-01-04 14:44:42 +00:00
Bob Mottram 86b12a843b Bump pihole commit 2018-01-04 14:42:54 +00:00
Bob Mottram 09fa3b0822 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-04 13:40:36 +00:00
Bob Mottram 6d5a449a1a Deprecate fedwiki 2018-01-04 13:19:49 +00:00
Bob Mottram e98a2fc7c0 Add fedwiki friends module 2018-01-04 13:16:49 +00:00
Bob Mottram 9cd6d3413d Bump pleroma commit 2018-01-02 15:52:46 +00:00
Bob Mottram 63d0a32e7d Bump gnusocial commit 2018-01-02 15:42:57 +00:00
Bob Mottram 6b0397e414 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2018-01-02 12:40:24 +00:00
Bob Mottram 8f139af1c0 Make lua scripts executable 2018-01-02 12:39:06 +00:00
Bob Mottram 46f5c877b5 Workaround for prosody PEP support in group chat with OMEMO 2018-01-02 11:05:10 +00:00
Bob Mottram ed9fb5bc4a Tidying 2017-12-31 18:17:01 +00:00
Bob Mottram 347514248b Remove duplicate function 2017-12-31 18:03:46 +00:00
Bob Mottram e5effa743b ipfs command permissions 2017-12-31 18:00:04 +00:00
Bob Mottram 8af6f509f1 Alter rate limits, because riot can have a lot of stuff going on 2017-12-31 11:43:08 +00:00
Bob Mottram d358c8af0e Remove bad pelican theme links at install time 2017-12-31 10:44:21 +00:00
Bob Mottram d32c6d9499 Improve removal of bad links 2017-12-30 23:33:13 +00:00
Bob Mottram 2cbdc9edcb Remove rather than replace 2017-12-30 20:29:24 +00:00
Bob Mottram e0b65c318b Limit file types 2017-12-30 20:21:07 +00:00
Bob Mottram 363938c900 Removal of google fonts when regenerating mesh blog 2017-12-30 20:05:40 +00:00
Bob Mottram 6384897ecc Ensure that the ipfs command is executable 2017-12-30 17:25:59 +00:00
Bob Mottram 8e25f1fada Change mirrors explanation 2017-12-30 15:48:42 +00:00
Bob Mottram d69711035d The changing situation of tor 2017-12-30 15:39:17 +00:00
Bob Mottram 552263f174 Bump ipfs go version 2017-12-30 13:27:02 +00:00
Bob Mottram 0d2c6347c4 Update hash 2017-12-29 23:17:24 +00:00
Bob Mottram fb5ac09639 Change mesh documentation image 2017-12-29 22:58:38 +00:00
Bob Mottram a0a5ab40bd Different mesh desktop background 2017-12-29 18:43:15 +00:00
Bob Mottram 14f5b532f2 Mesh desktop background 2017-12-29 14:05:01 +00:00
Bob Mottram 9f43b7e842 Image height 2017-12-29 13:35:29 +00:00
Bob Mottram bb5b3bd75b Image width 2017-12-29 13:34:10 +00:00
Bob Mottram ea69a00f46 logo width 2017-12-29 13:31:40 +00:00
Bob Mottram e0fb8a8f39 Smaller logo 2017-12-29 13:25:28 +00:00
Bob Mottram 465207bb33 mesh logo 2017-12-29 13:23:00 +00:00
Bob Mottram 7fb85ec54d Some coc clarification 2017-12-29 10:25:32 +00:00
Bob Mottram 0d52e513cb Update hash 2017-12-28 22:57:53 +00:00
Bob Mottram 87879815b7 Update some hashes 2017-12-28 21:17:04 +00:00
Bob Mottram 81dc5300ab Update some hashes 2017-12-28 21:15:48 +00:00
Bob Mottram daf0499a47 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-28 21:05:38 +00:00
Bob Mottram 47ee47e6fb Update some hashes 2017-12-28 21:02:36 +00:00
Bob Mottram 4396da4353 Additional cleanup during mesh install 2017-12-28 15:10:54 +00:00
Bob Mottram 9543fea1af Change ownership within chroot 2017-12-28 12:58:34 +00:00
Bob Mottram e0b21ecfd6 Merge branch 'master' of https://github.com/bashrc/freedombone 2017-12-26 21:53:00 +00:00
Bob Mottram 806fd6aa06 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-26 21:52:33 +00:00
Bob Mottram 78e9bdb93e More of an explanation about username at the end of installation 2017-12-26 21:52:00 +00:00
Bob Mottram 4bc71311c2 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-26 21:12:05 +00:00
Bob Mottram 9083b43a67 Ensure that default fbone user gets removed on first boot of the non-mesh system 2017-12-26 21:11:22 +00:00
Bob Mottram f1d1610796 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-26 12:49:55 +00:00
Bob Mottram fd09426166 Not needed with the setup option 2017-12-26 12:49:29 +00:00
Bob Mottram abfd8de1e4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-26 11:10:36 +00:00
Bob Mottram ab008f830e Building with vmdebootstrap on debian 2017-12-26 10:52:41 +00:00
Bob Mottram d71adade06 Include dat in scuttlebot install 2017-12-23 10:28:44 +00:00
Bob Mottram 49f72d9083 Typos 2017-12-20 23:39:34 +00:00
Bob Mottram 22470d5391 Documentation for akaunting 2017-12-20 23:37:10 +00:00
Bob Mottram c6bf24f406 Remove googleapi links from akaunting 2017-12-20 22:38:28 +00:00
Bob Mottram 05660ba8f1 Upgrade akaunting with composer 2017-12-20 22:11:24 +00:00
Bob Mottram 761bf4ccb4 Install akaunting with composer 2017-12-20 21:53:18 +00:00
Bob Mottram 7658403fcc Backup and restore of akaunting 2017-12-20 21:38:00 +00:00
Bob Mottram 0c926f1b7a Tidying 2017-12-20 21:14:35 +00:00
Bob Mottram 1ff9d30fcb Unique exit codes 2017-12-20 21:13:45 +00:00
Bob Mottram 6a316acd91 No background image 2017-12-20 21:12:08 +00:00
Bob Mottram cb11bb6ab5 Remove unused variables 2017-12-20 21:11:14 +00:00
Bob Mottram 02a2002fe5 Add akaunting app 2017-12-20 21:09:09 +00:00
Bob Mottram 607532f97d Typo 2017-12-20 14:32:33 +00:00
Bob Mottram 5699b408c4 Show matrix chat room address 2017-12-20 13:53:19 +00:00
Bob Mottram 7aedc27b12 Add prosody daemon restart on upgrades 2017-12-20 13:44:27 +00:00
Bob Mottram 50408559bd Ensure that if prosody gets stuck it will unstick itself at least once per day 2017-12-20 13:33:36 +00:00
Bob Mottram ba180854f0 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-20 12:51:27 +00:00
Bob Mottram 0f8615abe1 CoC documentation on website 2017-12-20 12:45:58 +00:00
Bob Mottram 5c27306389 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-19 21:37:21 +00:00
Bob Mottram 0dd760e905 It's not a large project 2017-12-19 21:36:53 +00:00
Bob Mottram e1b96e4aa3 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-19 21:29:36 +00:00
Bob Mottram e25cf8e561 Adopt a real Code of Conduct (CoC) This is an adapted version of the Debian code of conduct with the project name and a few other parts changed 2017-12-19 21:28:47 +00:00
Bob Mottram 42043adb58 Generate cryptpad config 2017-12-19 16:14:35 +00:00
Bob Mottram db0856c3f0 Fix cryptpad upgrade 2017-12-19 15:02:38 +00:00
Bob Mottram dd43031028 Generate cryptpad api config file after upgrades 2017-12-19 14:07:10 +00:00
Bob Mottram 3564dd7e06 Revert "cryptpad version 1.22.0"
This reverts commit e3b3e2c4d4.
2017-12-19 12:50:48 +00:00
Bob Mottram 99013eedbc Cache control 2017-12-19 12:10:29 +00:00
Bob Mottram 930c35098a Tidying 2017-12-19 11:37:43 +00:00
Bob Mottram e3b3e2c4d4 cryptpad version 1.22.0 2017-12-19 11:27:53 +00:00
Bob Mottram 08308b0211 Remove some existing nginx options #69 2017-12-19 11:02:10 +00:00
Bob Mottram bd3627a14a Use cookie authentication method for wiki #69 2017-12-19 10:48:39 +00:00
Bob Mottram 203faffb7b Comment 2017-12-18 19:19:31 +00:00
Bob Mottram 379d7ffee5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-18 19:05:08 +00:00
Bob Mottram 35eb67a943 Disable install of the federated wiki for now. It requires a proprietary identity provider to log in, and without that the wiki is read only. An independent identity provider needs to be implemented within https://github.com/fedwiki/wiki-security-passportjs #69 2017-12-18 19:04:34 +00:00
Bob Mottram 9605ba0a48 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-18 15:00:19 +00:00
Bob Mottram 675188767c Extricating the worst of the google crap which phones home 2017-12-18 14:21:59 +00:00
Bob Mottram 0e337558e6 Start removing bad links #69 2017-12-18 13:57:51 +00:00
Bob Mottram e4734b6ef7 Unblock some header options, because this is fundamentally cross-site #69 2017-12-18 13:21:09 +00:00
Bob Mottram 01fd4456ea Change wiki working directory #69 2017-12-18 13:06:05 +00:00
Bob Mottram 396ac49f00 Use npm for wiki install #69 2017-12-18 12:25:30 +00:00
Bob Mottram 0b8642e683 Add federated wiki #69 2017-12-18 11:41:20 +00:00
Bob Mottram 8298c57630 Sleep before busting 2017-12-17 20:13:06 +00:00
Bob Mottram 30cf9bb2e0 Bump ghost version 2017-12-17 17:14:40 +00:00
Bob Mottram a52d3cca71 Add dio resolvers 2017-12-16 22:46:46 +00:00
Bob Mottram 3b952162cb Also change git-ssb hostname in nginx 2017-12-16 18:57:41 +00:00
Bob Mottram 0653eae160 Change scuttlebot hostname on network restart 2017-12-16 18:01:59 +00:00
Bob Mottram 05df6f5f13 Creation of git-ssb daemon 2017-12-16 15:44:17 +00:00
Bob Mottram 1935deb53f Start git-ssb daemon on mesh image 2017-12-16 15:21:01 +00:00
Bob Mottram 816bded661 Restart nginx when restarting mesh networking 2017-12-16 13:12:51 +00:00
Bob Mottram 5ed6ef6483 Run scuttlebot on mesh peers if git-ssb is enabled 2017-12-16 13:09:12 +00:00
Bob Mottram 0fb0010f14 Only enable git ssb if installed 2017-12-16 13:05:42 +00:00
Bob Mottram 49541c630c Enable git ssb site on mesh peer 2017-12-16 13:05:04 +00:00
Bob Mottram 592d0f8d68 Install web server before scuttlebot on mesh image 2017-12-16 13:03:32 +00:00
Bob Mottram 152d3f44d6 Don't install git-ssb globally on mesh 2017-12-16 11:58:14 +00:00
Bob Mottram ec5e7dd658 Update onion address mappings 2017-12-15 17:08:40 +00:00
Bob Mottram cbe2e5a401 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-15 16:29:26 +00:00
Bob Mottram 26827ae286 Change a couple of xmpp server addresses 2017-12-15 16:20:42 +00:00
Bob Mottram 42f0a4befc Script to create git-ssb repos 2017-12-12 22:22:08 +00:00
Bob Mottram 92a26a388c Disable scuttlebot site if it exists 2017-12-12 17:47:39 +00:00
Bob Mottram 5912190040 scuttlebot domain variables 2017-12-12 17:46:38 +00:00
Bob Mottram 8d069c53ee Create tls cert for scuttlebot 2017-12-12 17:35:26 +00:00
Bob Mottram 70b0430bc5 Enable web user interface for git ssb via scuttlebot app 2017-12-12 16:35:14 +00:00
Bob Mottram 2370f32323 Deprecate smilodon for now 2017-12-11 22:05:50 +00:00
Bob Mottram ae60e38cc7 Install git-ssb with scuttlebot 2017-12-11 20:15:05 +00:00
Bob Mottram 3fb870a6ff Separate matrix user removal script generation 2017-12-11 16:06:44 +00:00
Bob Mottram ace9d9c5f9 Script to remove users from matrix 2017-12-11 16:01:54 +00:00
Bob Mottram 57d5344d5b Update riot hash 2017-12-11 14:08:23 +00:00
Bob Mottram 1c377298ce Bump riot version 2017-12-11 14:06:15 +00:00
Bob Mottram c9189104d5 vpn firewall settings appear to be needed for Patchwork to discover local peers 2017-12-10 15:20:13 +00:00
Bob Mottram df33a12702 Wait longer when initialising scuttlebot pub on mesh peer 2017-12-10 12:22:39 +00:00
Bob Mottram bafaec7e67 Update mesh image hashes 2017-12-09 23:07:47 +00:00
Bob Mottram db10e14f83 Show initial login screen in mesh documentation 2017-12-09 17:58:17 +00:00
Bob Mottram 839361d04c Add photo editor to mesh 2017-12-09 17:39:29 +00:00
Bob Mottram 36e2af8e76 Image showing selection of blog theme 2017-12-09 16:19:39 +00:00
Bob Mottram 4bb3d4b0b4 Remove dubious pelican theme css at install time 2017-12-09 15:01:48 +00:00
Bob Mottram 85126cec66 Remove bad css from non-mesh pelican installs 2017-12-09 14:40:18 +00:00
Bob Mottram d61d410746 Remove bad css from selected blog 2017-12-09 14:34:22 +00:00
Bob Mottram db3cc4f5af Select mesh blog theme using zenity 2017-12-09 13:52:10 +00:00
Bob Mottram dec2f54a1b When visiting a mesh site choose from a list of users 2017-12-09 10:56:22 +00:00
Bob Mottram 64d843d615 zenity image for connecting meshes 2017-12-08 18:53:34 +00:00
Bob Mottram 7ccd6b4480 mesh blogging with zenity list 2017-12-08 18:50:54 +00:00
Bob Mottram 394adf5bfc peers list image in documentation 2017-12-08 18:30:59 +00:00
Bob Mottram df8a6c8629 Syntax 2017-12-08 17:43:14 +00:00
Bob Mottram fffcf01dc7 Syntax 2017-12-08 15:09:47 +00:00
Bob Mottram c6c28e5ce4 Variables for showing list of mesh users 2017-12-08 14:27:14 +00:00
Bob Mottram 8481a701eb Use zenity to select users and copy their tox ID to the clipboard 2017-12-08 13:30:35 +00:00
Bob Mottram 7bda738c8e Don't open blog via terminal on mesh client 2017-12-07 18:06:40 +00:00
Bob Mottram d89e722852 More zenity 2017-12-06 22:20:05 +00:00
Bob Mottram 9cfc3cb272 Call mesh connect script directly rather than via terminal 2017-12-06 21:20:00 +00:00
Bob Mottram 504c561ea3 Switch mesh vpn connection to zenity 2017-12-06 21:17:50 +00:00
Bob Mottram 7cb7225c2f Use zenity for selecting mesh blog options 2017-12-06 20:35:32 +00:00
Bob Mottram dab37d1d22 Use zenity entry so that enter key works 2017-12-06 19:37:36 +00:00
Bob Mottram bc51fa6b3a Don't open within a terminal 2017-12-06 19:11:50 +00:00
Bob Mottram dbed21ecd9 Use zenity for visiting mesh sites 2017-12-06 19:10:50 +00:00
Bob Mottram 62b69e0cbd Move kdenlive icon to avatars so that it is accessible to the fbone user 2017-12-06 13:36:48 +00:00
Bob Mottram 3653d345dc kdenlive desktop icon 2017-12-06 13:33:40 +00:00
Bob Mottram 01ac99ca4c Icon theme for kdenlive 2017-12-06 12:32:23 +00:00
Bob Mottram 6fcb305e04 video editing on mesh client 2017-12-05 20:24:09 +00:00
Bob Mottram f1759c7631 Don't install peertube on mesh images for now 2017-12-05 18:27:57 +00:00
Bob Mottram 95d06ef9b9 Attempt yarn fix 2017-12-04 22:35:44 +00:00
Bob Mottram e6e22eac6d Install yarn from debian repo 2017-12-04 20:08:52 +00:00
Bob Mottram 26f228eb86 Try installing webpack without yarn 2017-12-04 19:15:13 +00:00
Bob Mottram f4946f0b15 Check for webpack failure 2017-12-04 18:30:53 +00:00
Bob Mottram 6bdbc32a5a image size 2017-12-04 17:50:07 +00:00
Bob Mottram efc42f5447 Check whether peertube was installed 2017-12-04 17:09:38 +00:00
Bob Mottram 0dbb10f2db Limit peertube to x86 64bit 2017-12-04 16:34:23 +00:00
Bob Mottram 38665c7cf1 Try ignoring optional packages 2017-12-04 13:11:39 +00:00
Bob Mottram e724c5f32f Try some additional peertube build dependencies 2017-12-04 12:31:06 +00:00
Bob Mottram 02d7270647 No v in npm version 2017-12-04 11:47:48 +00:00
Bob Mottram c4e5f01359 Second install of npm 2017-12-04 11:37:31 +00:00
Bob Mottram 1f702d1900 Test nodejs version numbers 2017-12-04 11:22:03 +00:00
Bob Mottram 4a04d29121 Exit if peertube install fails 2017-12-04 11:10:55 +00:00
Bob Mottram f8a9f4d522 Clone repo before creating peertube user 2017-12-04 10:35:03 +00:00
Bob Mottram 43eab839b5 Tidying 2017-12-03 22:21:06 +00:00
Bob Mottram 425cfdb5a1 Add peertube to mesh client 2017-12-03 22:03:55 +00:00
Bob Mottram a497c03195 Add a couple more public subdirectories on mesh clients 2017-12-03 19:50:47 +00:00
Bob Mottram 206d683c01 Switch mesh browser from midori to firefox 2017-12-03 17:42:55 +00:00
Bob Mottram e88753d38b Add some subdirectories to the mesh public desktop folder 2017-12-03 17:27:28 +00:00
Bob Mottram 4f512f5273 Mention webrtc requirement for peertube 2017-12-03 12:50:13 +00:00
Bob Mottram cc36bb9d5c Mention peertube as an alternative 2017-12-01 16:40:05 +00:00
Bob Mottram e9ea698222 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-12-01 13:05:34 +00:00
Bob Mottram a21d5528a0 Some configuration settings for peertube 2017-12-01 11:06:41 +00:00
Bob Mottram dd7baf19e0 Further limit the number of peertube signups 2017-12-01 10:43:04 +00:00
Bob Mottram 968c08a5aa peertube documentation 2017-12-01 10:42:19 +00:00
Bob Mottram cacc74b0c8 Transcoding 2017-11-30 23:04:14 +00:00
Bob Mottram f506c3c030 Transcoding settings 2017-11-30 22:48:12 +00:00
Bob Mottram 0a17554dbd Move peertube to a different port to avoid clashes 2017-11-30 20:52:24 +00:00
Bob Mottram a2005d92c0 use http2 2017-11-30 20:25:42 +00:00
Bob Mottram 7a15ce3b83 Bump peertube commit 2017-11-30 18:55:12 +00:00
Bob Mottram 5012d794a8 Bump peertube commit 2017-11-30 11:19:12 +00:00
Bob Mottram 0a5af0d06a Remove content security policy for peertube 2017-11-30 10:50:24 +00:00
Bob Mottram 4fcb68be28 Install peertube 2017-11-29 22:33:21 +00:00
Bob Mottram 158ef5f277 Tidying 2017-11-29 22:28:04 +00:00
Bob Mottram 1ab966a6ed Peertube database creation 2017-11-29 22:02:55 +00:00
Bob Mottram deefdf38eb Enable peertube signups 2017-11-29 21:14:20 +00:00
Bob Mottram 30f7875e59 No https on onion only install of peertube 2017-11-29 20:57:18 +00:00
Bob Mottram f91d309e1f signup limit 2017-11-29 20:27:51 +00:00
Bob Mottram 4209245e20 Fix web install 2017-11-29 20:25:01 +00:00
Bob Mottram b0b3315083 Extra yarn command 2017-11-29 20:16:29 +00:00
Bob Mottram bca1e90808 Move to directory when running postgresql queries 2017-11-29 20:02:57 +00:00
Bob Mottram 4ca61f2aac peertube 2017-11-29 14:28:31 +00:00
Bob Mottram c459d4c257 peertube app 2017-11-29 14:23:07 +00:00
Bob Mottram 805120d7ef Quote 2017-11-28 17:02:27 +00:00
Bob Mottram 75d0bdc8ea Update smilodon hash 2017-11-28 13:27:40 +00:00
Bob Mottram 3588dc68e6 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-27 22:46:55 +00:00
Bob Mottram e9ebb25bab Disable email chunking on upgrades 2017-11-27 22:46:29 +00:00
Bob Mottram 1d1a6b4459 Disable exim chunking 2017-11-27 22:41:46 +00:00
Bob Mottram 0a467401bb Image separation 2017-11-27 13:22:16 +00:00
Bob Mottram 535a1a2a3a Combine images 2017-11-27 13:20:36 +00:00
Bob Mottram f1bd8d6d1c Position of image on index page 2017-11-27 13:17:09 +00:00
Bob Mottram 068156bf0a Position of image on index page 2017-11-27 13:16:39 +00:00
Bob Mottram e60a4b8429 Image on index page 2017-11-27 13:15:18 +00:00
Bob Mottram 8c3e004860 Remove vim reference 2017-11-27 12:43:26 +00:00
Bob Mottram 15bc6b1f91 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-27 12:39:41 +00:00
Bob Mottram 09f2505cfa Either method of storage 2017-11-27 12:35:18 +00:00
Bob Mottram fd14d11601 plural 2017-11-27 12:34:19 +00:00
Bob Mottram 426da7a6e3 Icecast documentation 2017-11-27 12:30:52 +00:00
Bob Mottram 0c921f1d77 Group USB options together 2017-11-27 12:21:48 +00:00
Bob Mottram f850e37373 Group USB options together 2017-11-27 12:21:06 +00:00
Bob Mottram 18c2603789 Set maximum number of icecast clients 2017-11-27 11:02:16 +00:00
Bob Mottram 0653439604 Mesh apps image 2017-11-27 10:34:37 +00:00
Bob Mottram c2bc213285 Install sequence 2017-11-26 21:37:03 +00:00
Bob Mottram 0da9ed132f Remove icecast onion address 2017-11-26 21:35:30 +00:00
Bob Mottram 98b427de1a Set stream name/description 2017-11-26 21:06:03 +00:00
Bob Mottram 945ca4180d Backup and restore the icecast playlist 2017-11-26 20:21:18 +00:00
Bob Mottram 94b1d56ccf Restrict icecast clients to something more fitted to a small home server 2017-11-26 20:12:23 +00:00
Bob Mottram 863ec09f5e Option to restart icecast stream 2017-11-26 20:02:04 +00:00
Bob Mottram 1d6b9e7402 Option to rescan icecast playlist 2017-11-26 19:58:40 +00:00
Bob Mottram e19e902b68 Tidying 2017-11-26 19:50:58 +00:00
Bob Mottram f9ea6d11cf Fixing icecast daemons 2017-11-26 19:25:13 +00:00
Bob Mottram 0f5803abc9 Remove source stream files after conversion 2017-11-25 22:31:16 +00:00
Bob Mottram a19a8df2ff icecast format conversions 2017-11-25 22:21:52 +00:00
Bob Mottram 6353bda886 Restart ices2 after adding files to icecast 2017-11-25 22:03:52 +00:00
Bob Mottram 606cbbf7f5 Set some icecast parameters 2017-11-25 21:57:59 +00:00
Bob Mottram c0e6b42e03 Icecast on port 80 2017-11-25 21:38:32 +00:00
Bob Mottram ec184e0c14 Move icecast to systemd 2017-11-25 21:06:27 +00:00
Bob Mottram 0ca44f5eab Restart icecast 2017-11-25 19:32:08 +00:00
Bob Mottram ad92c92ba8 icecast app 2017-11-25 19:11:05 +00:00
Bob Mottram 1b8e334d44 Centre text 2017-11-24 18:14:55 +00:00
Bob Mottram 7ca7852066 Centre text 2017-11-24 18:13:08 +00:00
Bob Mottram 22c6cf43cf Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-24 13:35:26 +00:00
Bob Mottram 1af6a5904f Ensure that the backports version of certbot is installed 2017-11-24 13:31:55 +00:00
Bob Mottram 944ca13f2c Generation of smilodon admin password 2017-11-23 20:58:27 +00:00
Bob Mottram 437222650b Quotes 2017-11-23 20:53:35 +00:00
Bob Mottram 50d936e73b Sequence of installation 2017-11-23 20:52:41 +00:00
Bob Mottram 974ba8742e Remove with purge 2017-11-23 20:48:03 +00:00
Bob Mottram da664fc97e Removing smilodon from completion file 2017-11-23 20:29:57 +00:00
Bob Mottram 72ff2321e8 Remove mongodb from completion file 2017-11-23 19:57:43 +00:00
Bob Mottram b523cd120f More attempts to remove mongodb 2017-11-23 19:49:57 +00:00
Bob Mottram 33de19cd99 Adding and removing mongodb databases from the apps list 2017-11-23 19:43:11 +00:00
Bob Mottram 7c06684656 default server 2017-11-23 19:20:50 +00:00
Bob Mottram 4df89d39b1 Running the main smilodon script 2017-11-23 18:39:11 +00:00
Bob Mottram ddf934fd72 Remove mongodb daemon if necessary 2017-11-23 18:32:29 +00:00
Bob Mottram 80c95b9b80 Check file for zero size 2017-11-23 18:27:03 +00:00
Bob Mottram 8e3a997fcb Turn smilodon environment into a script 2017-11-23 18:18:09 +00:00
Bob Mottram 3e7ab9a472 Creating mongodb database 2017-11-23 18:09:18 +00:00
Bob Mottram 9b1a368c77 Smilodon commit 2017-11-23 15:45:57 +00:00
Bob Mottram 4aed7a150d Braces 2017-11-23 13:20:42 +00:00
Bob Mottram 9e7376f9ac Only set vpn firewall if ethernet is connected 2017-11-23 10:46:40 +00:00
Bob Mottram 10e4cb3887 Fixing mesh hotspot 2017-11-22 22:21:01 +00:00
Bob Mottram 77ad570e16 Install dhcp server on mesh for secondary wifi adapter hotspot 2017-11-20 19:28:32 +00:00
Bob Mottram 1e81ad852c Scale icon to a standard size 2017-11-20 17:56:20 +00:00
Bob Mottram bc61630278 Copy trifa image 2017-11-20 17:53:35 +00:00
Bob Mottram 3b7ad6b406 Might not be necessary to install the tox repo 2017-11-20 15:33:02 +00:00
Bob Mottram 7a4ead163b Add TRifA tox client as a downloadable mesh app 2017-11-20 14:34:11 +00:00
Bob Mottram 5acbc67460 Backup and restore files containing list of mongodb apps 2017-11-20 11:15:54 +00:00
Bob Mottram e500a0de3b Remove mongodb when appropriate 2017-11-20 10:47:18 +00:00
Bob Mottram 89b7087c94 Note about battery optimisation of riot app 2017-11-19 23:20:27 +00:00
Bob Mottram 30f679e7df mongodb not available for arm7 2017-11-19 21:06:10 +00:00
Bob Mottram efb2dec1c6 Package name 2017-11-19 20:35:25 +00:00
Bob Mottram 7cc56af805 Smilodon app 2017-11-19 20:16:49 +00:00
Bob Mottram e172d15c0d Additional synapse dependency 2017-11-15 18:06:05 +00:00
Bob Mottram fb5520ba8c Synapse 0.25 2017-11-15 17:58:56 +00:00
Bob Mottram 85ba48269d Update riot hash 2017-11-15 12:18:41 +00:00
Bob Mottram 8577aaedd5 Bump riot version 2017-11-15 12:15:28 +00:00
Bob Mottram 63605dbbf0 Mastodon user interface for pleroma 2017-11-12 18:46:26 +00:00
Bob Mottram db5ac4297b Fix images on pleroma 2017-11-12 17:54:43 +00:00
Bob Mottram 634a8edb61 Increase timeout 2017-11-12 15:55:04 +00:00
Bob Mottram 0549a2a569 Pleroma commit to unclude mastodon UI 2017-11-12 14:52:07 +00:00
Bob Mottram 2cda9f84f6 Get pleroma dependencies 2017-11-12 13:56:21 +00:00
Bob Mottram be948f2396 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-11 22:39:09 +00:00
Bob Mottram d9e0c1b6b4 Use different readme image 2017-11-11 22:36:45 +00:00
Bob Mottram 121096d3dd Itallic 2017-11-11 18:24:31 +00:00
Bob Mottram 0b29a0e86f Itallic 2017-11-11 18:23:24 +00:00
Bob Mottram 9978569017 Surveillance option 2017-11-11 18:21:06 +00:00
Bob Mottram adb2924d1f Higher resolution emoji 2017-11-11 13:04:13 +00:00
Bob Mottram b4bf75288b Fix path 2017-11-11 12:45:31 +00:00
Bob Mottram a39cb8d514 webroot path 2017-11-11 11:58:20 +00:00
Bob Mottram 518540149d emoji in webroot 2017-11-11 11:57:52 +00:00
Bob Mottram 707d4a1c72 Try different path within emoji.txt 2017-11-11 11:51:03 +00:00
Bob Mottram a943e8e976 Change emoji resolution if not converting format 2017-11-11 11:47:07 +00:00
Bob Mottram 0d1368fddc Resize emoji images 2017-11-11 11:42:08 +00:00
Bob Mottram 270148db97 Remove original emoji after conversion 2017-11-11 11:33:36 +00:00
Bob Mottram 304d6ad150 Convert emoji images to png format 2017-11-11 10:00:12 +00:00
Bob Mottram 666fd17e25 Add custom emoji to pleroma 2017-11-10 22:41:55 +00:00
Bob Mottram fc8d850f4a Probably don't need the block script on pleroma because remote content isn't locally cached 2017-11-10 20:57:38 +00:00
Bob Mottram 4ae5bc3346 Pleroma logo 2017-11-10 17:43:51 +00:00
Bob Mottram ed9d6ace6d Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-10 13:15:01 +00:00
Bob Mottram 0e099f6648 Update hashes 2017-11-10 13:14:07 +00:00
Bob Mottram 14abffaf27 Hide cryptpad icon if mesh hotspot is enabled 2017-11-09 18:54:40 +00:00
Bob Mottram 33fe1d91d8 Avoid mesh conflicts between cryptpad and app download site 2017-11-09 12:33:11 +00:00
Bob Mottram 16d5c2b259 Update ssb mesh app 2017-11-09 10:48:39 +00:00
Bob Mottram 5586939b75 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-08 14:44:44 +00:00
Bob Mottram 6e48db7f0f Add pleroma documentation 2017-11-08 14:35:39 +00:00
Bob Mottram 4a39e740b8 Handle onion installs of pleroma 2017-11-08 12:54:36 +00:00
Bob Mottram 537248dbd7 Set encryption rounds low for use on low power devices 2017-11-07 22:22:37 +00:00
Bob Mottram 2e6f9e3507 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-07 21:22:59 +00:00
Bob Mottram 14f3964eae Secret key must be at least 64 bytes 2017-11-07 21:17:18 +00:00
Bob Mottram 3708790d82 Add timeout command for not very powerful SBCs 2017-11-07 19:48:19 +00:00
Bob Mottram 219ad6ac45 Another database restart 2017-11-07 18:44:33 +00:00
Bob Mottram c8f826343b Restart postgresql before creating database 2017-11-07 18:41:01 +00:00
Bob Mottram d2bef30573 postgresql packages need version numbers 2017-11-07 17:53:56 +00:00
Bob Mottram 0f2aff6827 n version 2017-11-07 16:34:22 +00:00
Bob Mottram 988b881ef1 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-07 15:40:54 +00:00
Bob Mottram 7e25a5303e Don't restart openvpn if it's not installed 2017-11-07 15:40:00 +00:00
Bob Mottram 5ce7c214d6 Remove additional packages 2017-11-07 12:06:37 +00:00
Bob Mottram b2984bcc00 Database name 2017-11-07 11:44:34 +00:00
Bob Mottram e2f532e058 Path 2017-11-07 10:58:10 +00:00
Bob Mottram 5c8e3ae622 Default pleroma theme 2017-11-07 10:57:15 +00:00
Bob Mottram 217f182f54 Background image for pleroma app 2017-11-07 10:52:23 +00:00
Bob Mottram 98e2865f33 Setting pleroma initial background 2017-11-07 10:31:49 +00:00
Bob Mottram 4e8a9bb393 Installing frontend with pleroma app 2017-11-07 10:20:55 +00:00
Bob Mottram 3510d7aa3c logic 2017-11-07 10:12:56 +00:00
Bob Mottram 10b3c5cff9 Upgrade of pleroma front end handles pure pleroma install 2017-11-07 10:12:23 +00:00
Bob Mottram ea0af2d1e1 Disable or enable registration within the pleroma frontend 2017-11-06 22:10:54 +00:00
Bob Mottram aa5feabc51 Also change pleroma background image in a separate static subdirectory 2017-11-06 21:35:20 +00:00
Bob Mottram 0b47e814e7 Recompile after background change 2017-11-06 20:37:15 +00:00
Bob Mottram ef7c88d310 Pleroma upgrades 2017-11-06 20:03:42 +00:00
Bob Mottram c1ef4567bf Enable or disable pleroma registrations 2017-11-06 19:41:06 +00:00
Bob Mottram 99fddf5f21 Revert pleroma user permissions if an error occurs 2017-11-06 18:52:19 +00:00
Bob Mottram 5a6669c033 Generate secret key for pleroma server 2017-11-06 18:49:35 +00:00
Bob Mottram 77f9da0a56 Missing redirect 2017-11-06 17:55:20 +00:00
Bob Mottram ad80a2b9d3 Fix for pleroma pubsub error 2017-11-06 17:27:05 +00:00
Bob Mottram f7d5d0c94f Additional pleroma configuration changes 2017-11-06 17:06:25 +00:00
Bob Mottram 1351d72a72 create extension 2017-11-06 15:56:36 +00:00
Bob Mottram cb1b654c7c Change permissionf for pleroma user during database creation 2017-11-06 15:34:46 +00:00
Bob Mottram 35bd3d34a5 Move pleroma frontend to backend directory 2017-11-06 14:43:38 +00:00
Bob Mottram 9a734bcd98 Tests for failure 2017-11-06 14:20:56 +00:00
Bob Mottram 19428773ac Set pleroma password 2017-11-06 14:15:33 +00:00
Bob Mottram b783cf465d Move repo if needed 2017-11-06 13:52:00 +00:00
Bob Mottram f449878573 Setting title 2017-11-06 13:36:51 +00:00
Bob Mottram 5ae8b62849 Add pleroma user after directory creation 2017-11-06 13:19:19 +00:00
Bob Mottram 7994cf979a Remove pleroma user 2017-11-06 13:10:09 +00:00
Bob Mottram b424e8899e Change pleroma directory 2017-11-06 12:41:26 +00:00
Bob Mottram ecac6e9e7f Pleroma social type 2017-11-06 12:15:56 +00:00
Bob Mottram 0c78e12bf1 mix is local 2017-11-06 11:38:58 +00:00
Bob Mottram 9bc6c8f4e5 Pleroma backend app 2017-11-06 11:29:20 +00:00
Bob Mottram 37ce2a1f9b Add postgresql as a restore option 2017-11-05 16:22:44 +00:00
Bob Mottram 5e5153eeaf Backup and restore of postgresql 2017-11-05 16:21:13 +00:00
Bob Mottram 6fff2720bc Postgresql functions 2017-11-05 14:39:32 +00:00
Bob Mottram 28a79f78a7 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-11-03 20:48:50 +00:00
Bob Mottram b0903495b5 Restart web server after updating files 2017-11-03 19:47:21 +00:00
Bob Mottram d96c098141 Add clacks from control panel 2017-11-03 19:36:40 +00:00
Bob Mottram 2080b7a8f1 mesh onion service only uses vpn port 2017-11-03 11:09:00 +00:00
Bob Mottram 5700f3f38b Prepare for v3 onion addresses 2017-11-02 17:40:00 +00:00
Bob Mottram 59c8de0089 Ask for domain first and only complain if vpn files are not available 2017-11-02 15:54:48 +00:00
Bob Mottram 980dcf01df Create a tor onion service for mesh peers if they are connected via ethernet 2017-11-02 14:22:23 +00:00
Bob Mottram 7e23ab7b87 syntax 2017-11-02 12:57:42 +00:00
Bob Mottram f816b7076f Install tor on mesh peers, but disable it by default 2017-11-02 12:56:54 +00:00
Bob Mottram 15bbcccec7 mesh logo 2017-11-01 18:59:17 +00:00
Bob Mottram fe28c12766 occ commands need sudo prefix 2017-11-01 11:11:45 +00:00
Bob Mottram 6e64539c93 Check that nextcloud encryption gets enabled 2017-11-01 10:45:19 +00:00
Bob Mottram e97168728b Updated hashes 2017-10-30 15:47:20 +00:00
Bob Mottram 23f1bbb452 Increase image size for mesh routers 2017-10-30 14:24:50 +00:00
Bob Mottram 8462ba2f85 Can install nodejs on mesh routers 2017-10-30 13:16:07 +00:00
Bob Mottram 51bc88f869 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-10-30 12:16:49 +00:00
Bob Mottram 3d031acfda Update hashes 2017-10-30 12:15:25 +00:00
Bob Mottram f0662e8a57 Don't use the offline status for patchwork on the mesh 2017-10-29 18:21:03 +00:00
Bob Mottram f0e227a079 Crop some mesh images to make them icon agnostic 2017-10-29 17:15:58 +00:00
Bob Mottram 0d4e8ab1c2 More updated mesh images 2017-10-29 17:05:06 +00:00
Bob Mottram ecb8dbf2b8 Updated mesh screenshots 2017-10-29 16:57:08 +00:00
Bob Mottram 94c5af7f7d Restore scuttlebot on mesh routers 2017-10-29 15:36:45 +00:00
Bob Mottram 716705fbea More full screen lists on mesh icons 2017-10-29 14:54:11 +00:00
Bob Mottram ee1a94c8b8 Update mesh netbook image for new icons 2017-10-29 14:00:33 +00:00
Bob Mottram 59ea51368b Messages during mesh network restart 2017-10-29 11:49:02 +00:00
Bob Mottram dc48d8a984 Some messages when running mesh wifi monitor 2017-10-29 11:42:33 +00:00
Bob Mottram 988f0ef169 Full screen the mesh wifi monitor 2017-10-29 11:32:34 +00:00
Bob Mottram 92ab00d66b Full screen the terminal, otherwise the user can't tell what is going on during identity reset 2017-10-29 11:20:32 +00:00
Bob Mottram 61de220c36 Don't need mate-terminal for new identity with zenity 2017-10-29 11:11:54 +00:00
Bob Mottram cd2fbf665b Don't need the process count since the confliciting script is gone 2017-10-29 11:04:56 +00:00
Bob Mottram 153afb2bd9 Don't need the set username script 2017-10-29 11:03:36 +00:00
Bob Mottram 455035e9b1 zenity width 2017-10-28 20:54:37 +01:00
Bob Mottram af9806f462 Use zenity for mesh identity reset 2017-10-28 20:43:26 +01:00
Bob Mottram 239614e8e8 Prevent multiple instances of username entry dialog from running 2017-10-28 20:02:02 +01:00
Bob Mottram 1d929909ba Updating the social icon when a mesh peer goes online 2017-10-28 17:16:08 +01:00
Bob Mottram 257251b50a More mesh desktop translations 2017-10-28 16:30:02 +01:00
Bob Mottram dd5eaaed8e Syntax fixes 2017-10-28 15:13:33 +01:00
Bob Mottram 5362393942 Only start tahoelafs if it's installed 2017-10-28 14:47:47 +01:00
Bob Mottram dba86a7bdc mate-terminal option sequence 2017-10-28 14:41:27 +01:00
Bob Mottram 514a3c4cce No need to copy cryptpad icon 2017-10-28 14:11:27 +01:00
Bob Mottram 4f00325cae Slimmer icon 2017-10-28 12:28:59 +01:00
Bob Mottram 1f363f205f More translations for mesh desktop 2017-10-28 12:22:14 +01:00
Bob Mottram f73584e75c Topical 2017-10-28 11:32:45 +01:00
Bob Mottram 4bacf8abd5 India is pretty big 2017-10-28 11:21:03 +01:00
Bob Mottram f4147222f6 Some mesh desktop translations 2017-10-28 11:06:14 +01:00
Bob Mottram d7936967df Remove any existing vpn client keys when resetting mesh identity 2017-10-28 10:03:26 +01:00
Bob Mottram 76fc3d2148 Remove cryptpad datastore when resetting mesh identity 2017-10-28 09:56:38 +01:00
Bob Mottram 8afa0b062f Icon names 2017-10-27 23:37:53 +01:00
Bob Mottram 916ad3216e Terminal geometry when showing username prompt 2017-10-27 23:33:02 +01:00
Bob Mottram 685b9da446 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-10-27 21:28:36 +01:00
Bob Mottram 811c90e092 Sites mesh icon 2017-10-27 21:19:46 +01:00
Bob Mottram fbcd592226 New mesh icons 2017-10-27 21:03:39 +01:00
Bob Mottram 0175ca74f2 vpn architecture diagram 2017-10-27 14:28:49 +01:00
Bob Mottram 4d6f5d221b mesh architecture diagrams 2017-10-27 13:11:10 +01:00
Bob Mottram f22b3b3f3b Ordering of mesh documentation index 2017-10-27 12:01:21 +01:00
Bob Mottram 7d8c83418d Ordering of links 2017-10-27 11:58:41 +01:00
Bob Mottram 2bf73ea629 mesh usage documentation contents links 2017-10-27 11:56:52 +01:00
Bob Mottram 5d33d72808 mesh philosophic 2017-10-27 11:50:42 +01:00
Bob Mottram e050cc3009 mesh philosophic 2017-10-27 11:49:16 +01:00
Bob Mottram e04a576e0d Split up mesh documentation into smaller subsections 2017-10-27 11:46:14 +01:00
Bob Mottram 7800ebf4ec Use zenity to set the initial username on mesh client 2017-10-26 23:35:42 +01:00
Bob Mottram cd6b5f1320 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-10-26 13:03:59 +01:00
Bob Mottram 576011af74 Update current image hashes 2017-10-26 13:03:20 +01:00
Bob Mottram 881d5e2cfb Mesh connect image 2017-10-25 20:24:28 +01:00
Bob Mottram 7a6173bf7b Describe vpn connection of meshes 2017-10-25 20:14:45 +01:00
Bob Mottram c488eaee81 Cryptpad documentation 2017-10-25 18:02:46 +01:00
Bob Mottram 76a3f0a533 cryptpad images 2017-10-25 17:41:13 +01:00
Bob Mottram b1d03ec817 cryptpad hostname 2017-10-25 17:22:31 +01:00
Bob Mottram ef686e6264 Handle firewall when changing vpn tls port 2017-10-25 14:02:19 +01:00
Bob Mottram f5a8c42645 Setting vpn tls port from control panel 2017-10-25 13:37:53 +01:00
Bob Mottram 62bea42aca vpn tls port on mesh 2017-10-25 13:29:07 +01:00
Bob Mottram c2aa4d210d Add an icon to VPN connect to another mesh 2017-10-24 23:35:47 +01:00
Bob Mottram ce49d06d18 Use hostname when opening cryptpad from desktop icon
So that copying and pasting a link to a document makes sense
2017-10-24 14:05:26 +01:00
Bob Mottram 14e21bc6dd Set up the web server for cryptpad on the mesh 2017-10-24 13:53:27 +01:00
Bob Mottram 460eece8cf Link within chroot 2017-10-24 13:34:17 +01:00
Bob Mottram 92bb07ce34 Duplicate entry 2017-10-24 13:30:57 +01:00
Bob Mottram feb629211f Typo 2017-10-24 11:31:43 +01:00
Bob Mottram 25dfda1493 Run cryptpad install script for mesh 2017-10-24 11:30:46 +01:00
Bob Mottram d81a4b0827 Copy icon after directory creation 2017-10-24 11:05:35 +01:00
Bob Mottram 333c4d7656 cryptpad icon 2017-10-23 23:13:13 +01:00
Bob Mottram e928240e98 Save public key to file 2017-10-23 21:09:12 +01:00
Bob Mottram 75b72cb787 Use editbox 2017-10-23 21:05:15 +01:00
Bob Mottram 6659501337 Extra large input box 2017-10-23 20:28:04 +01:00
Bob Mottram 7f8609a3aa Importing gpg full public keys from the control panel 2017-10-23 20:24:09 +01:00
Bob Mottram 8f13c6e193 Preparing for cryptpad icon 2017-10-23 20:12:10 +01:00
Bob Mottram 1bbbda7c07 Install cryptpad on mesh clients 2017-10-23 18:39:29 +01:00
Bob Mottram 15d003e3f1 Remove package check 2017-10-15 23:48:01 +01:00
Bob Mottram 080eb8e947 Use current directory for images 2017-10-15 11:27:22 +01:00
Bob Mottram 82842b0ccb Missing bracket 2017-10-15 11:25:52 +01:00
Bob Mottram f5ddd9ce48 Another dns resolver 2017-10-15 10:51:49 +01:00
Bob Mottram 45acf8738a Add a scary warning if you choose Google DNS 2017-10-15 10:25:23 +01:00
Bob Mottram b584bed3a5 Another DNS option, for added diversity 2017-10-15 10:18:39 +01:00
Bob Mottram 0ee2753717 Retire the goog, except as the lastest resort. You know what I'm sayin 2017-10-15 10:09:18 +01:00
Bob Mottram 7b67f728e8 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-10-14 19:55:49 +01:00
Bob Mottram 5ee8053265 Move Sharings plugin repos to github 2017-10-14 14:42:11 +01:00
Bob Mottram 08e772eed5 Tidying of nodejs install 2017-10-14 12:29:20 +01:00
Bob Mottram bd795f62e5 n architecture for arm 2017-10-14 11:58:02 +01:00
Bob Mottram d01ca75224 node n version 2017-10-14 11:17:24 +01:00
Bob Mottram 4a8491e76b nodejs version 2017-10-14 10:36:03 +01:00
Bob Mottram 6ec336da06 Attempt npm install fix 2017-10-13 23:06:27 +01:00
Bob Mottram 007c1cb898 Return of the n_arch 2017-10-13 22:34:48 +01:00
Bob Mottram 2ff74be399 Don't check nodejs version right away 2017-10-13 22:31:45 +01:00
Bob Mottram 4055590fcc Try n without arch 2017-10-13 21:55:22 +01:00
Bob Mottram c23cd4aee5 Check multiple possible nodes 2017-10-13 20:50:21 +01:00
Bob Mottram be43cf38a3 https transport needed for nodejs install 2017-10-13 20:22:12 +01:00
Bob Mottram 146d88d3cf Fix wget for nodejs repo key 2017-10-13 19:56:31 +01:00
Bob Mottram 2ae9c79f9d Make mesh npm install similar to previous methos 2017-10-13 19:28:43 +01:00
Bob Mottram d2e907e5e2 wget needed 2017-10-13 18:22:22 +01:00
Bob Mottram c770026d47 Improve handling of npm install script 2017-10-13 17:56:59 +01:00
Bob Mottram 283c470d21 Deprecated mac 2017-10-07 13:02:53 +01:00
Bob Mottram 7f44f8b194 Update profanity commits 2017-10-07 12:55:48 +01:00
Bob Mottram bbb46a37f7 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-10-07 10:20:52 +01:00
Bob Mottram 49a688b5ca Update mesh image hashes 2017-10-07 10:19:55 +01:00
Bob Mottram f608c47b90 New hashes for mesh images 2017-10-06 22:38:03 +01:00
Bob Mottram 0f405c932f Don't install scuttlebot on arm 2017-10-06 21:20:22 +01:00
Bob Mottram d0e2c8fd60 Enable execute status of invite icon 2017-10-06 13:41:59 +01:00
Bob Mottram cb56cd94eb Backslashes 2017-10-06 12:51:46 +01:00
Bob Mottram 84c96334bc Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-10-06 10:52:05 +01:00
Bob Mottram 5865f2633d Only enable scuttlebot on mesh gateways 2017-10-06 10:47:35 +01:00
Bob Mottram ecd0706eac Still include audacity within the mesh client 2017-10-05 23:24:31 +01:00
Bob Mottram a6a24b9655 Deprecate ferment. Using invites is too unreliable and there is reported high bandwidth usage 2017-10-05 23:22:44 +01:00
Bob Mottram a7f23f4a5f Fix invite script 2017-10-05 22:50:57 +01:00
Bob Mottram fc69415506 Generating scuttlebot invites on the mesh 2017-10-05 19:52:31 +01:00
Bob Mottram f09b6732ab Use IPv4 address for scuttlebot 2017-10-05 18:18:15 +01:00
Bob Mottram 588c58799f Allow local ip addresses for scuttlebot 2017-10-05 17:43:10 +01:00
Bob Mottram 20a89b7a33 Width command makes no difference anyway 2017-10-05 15:10:36 +01:00
Bob Mottram 59ef8ff65d Image width 2017-10-05 15:09:17 +01:00
Bob Mottram ce70b72090 Image width 2017-10-05 14:55:21 +01:00
Bob Mottram b713a93d7f Describe connecting meshes 2017-10-05 14:51:55 +01:00
Bob Mottram 7380092708 Better description of the mesh system 2017-10-05 13:21:23 +01:00
Bob Mottram f47d107f98 Advice on connecting the mesh to the internet 2017-10-05 13:14:18 +01:00
Bob Mottram c56c52da84 Update mesh instructions for mobile 2017-10-05 13:05:00 +01:00
Bob Mottram bbaa8b7088 Mobile mesh apps page with smaller heading 2017-10-05 11:45:24 +01:00
Bob Mottram a9acefeea6 Downloads page for mesh mobile apps 2017-10-04 20:45:59 +01:00
Bob Mottram 85729ed2f7 Get secondary wifi adapter working on mesh 2017-10-04 16:19:57 +01:00
Bob Mottram 741ef6f7c9 Script for shutting down the mesh 2017-10-02 22:52:44 +01:00
Bob Mottram 83d62a7af9 More conservative filesystem for desktop type systems 2017-10-02 22:08:16 +01:00
Bob Mottram cfd9a1f80d Switch to using a different scuttlebot port 2017-10-02 21:57:24 +01:00
Bob Mottram 80e8be80c5 Change filesystem for mesh client 2017-10-02 20:57:07 +01:00
Bob Mottram 3d8b46f0c1 Add scuttlebot to mesh firewall 2017-10-02 17:32:14 +01:00
Bob Mottram fe6495c2a2 Use a separate port for scuttlebot on the mesh 2017-10-02 17:24:30 +01:00
Bob Mottram fba84bcffd mesh desktop icons 2017-10-02 13:47:08 +01:00
Bob Mottram 314bbf5569 Re-include scuttlebot in the main install 2017-10-02 10:46:12 +01:00
Bob Mottram fa2c6aee2d Scuttlebot version 2017-10-02 10:43:59 +01:00
Bob Mottram 6125c67568 mesh vpn port 2017-10-02 10:08:32 +01:00
Bob Mottram 1067b3e8cf Change place where ssb mesh icons are initially created 2017-10-01 20:10:51 +01:00
Bob Mottram 073ad0f888 Install scuttlebot on mesh
This should better enable nat traversal between the internet and the mesh
2017-10-01 19:46:02 +01:00
Bob Mottram 278bffa7ee Local user may not exist 2017-10-01 16:00:51 +01:00
Bob Mottram 399af60ccc Add initial mesh desktop icons which can be used offline 2017-10-01 15:58:35 +01:00
Bob Mottram b46faa6b51 If you're going to listen to audio then you presumably also need the ability to create it 2017-10-01 13:56:37 +01:00
Bob Mottram bd3d91566e Add ferment to mesh desktop 2017-10-01 13:54:30 +01:00
Bob Mottram 2d1ddbbf58 Move vpn key generation functions into initial mesh setup script 2017-09-30 22:46:01 +01:00
Bob Mottram 7906f36373 Kill patchwork before creating new mesh identity 2017-09-30 22:28:34 +01:00
Bob Mottram d555cd35f3 Remove old mesh vpn 2017-09-30 21:25:03 +01:00
Bob Mottram 09d107f903 mesh setup 2017-09-30 20:06:36 +01:00
Bob Mottram c4b77f7df3 prefix 2017-09-30 19:51:15 +01:00
Bob Mottram 35b4222595 Separate vpn port for mesh 2017-09-30 19:21:58 +01:00
Bob Mottram a68de1c30c mesh firewall for vpn 2017-09-30 14:06:26 +01:00
Bob Mottram 5ee100c67d Generate vpn keys on mesh 2017-09-30 14:01:05 +01:00
Bob Mottram 8322e0a553 Faster dhparams for vpn 2017-09-30 12:40:06 +01:00
Bob Mottram 4cdd66d6f9 Output dhparams to a given file 2017-09-30 12:37:19 +01:00
Bob Mottram 15de51d223 Set fast variable 2017-09-30 12:34:21 +01:00
Bob Mottram 30fcc2c469 Remove previous mesh tunnel 2017-09-30 12:30:23 +01:00
Bob Mottram 87e078b2ed vpn within mesh image 2017-09-30 12:22:22 +01:00
Bob Mottram 81c2c54493 Check that mac address gets generated 2017-09-29 22:23:03 +01:00
Bob Mottram a5d2b6a69e Tidying the batman script 2017-09-29 20:02:43 +01:00
Bob Mottram 0e314866e0 state 2017-09-29 18:11:43 +01:00
Bob Mottram 2cc77069ee Mesh bridge forwarding 2017-09-29 17:32:51 +01:00
Bob Mottram 5ea411c113 Use dhclient for ethernet mesh bridge 2017-09-29 13:31:09 +01:00
Bob Mottram 057c1389cc No tunnel yet 2017-09-29 12:58:07 +01:00
Bob Mottram 6e1379904a mesh tunnel build script 2017-09-29 10:24:50 +01:00
Bob Mottram c3a1d3cb45 mesh tunnel 2017-09-28 23:43:36 +01:00
Bob Mottram b776fbf0d6 local path for qtox 2017-09-28 20:14:01 +01:00
Bob Mottram 56fea6e8a9 Package name 2017-09-28 19:25:55 +01:00
Bob Mottram 69a324a1e5 Toxic commit 2017-09-28 19:06:22 +01:00
Bob Mottram f881c40835 Additional tox packages 2017-09-28 19:05:00 +01:00
Bob Mottram 5be272d9ed Bump toxcore commit 2017-09-28 18:09:37 +01:00
Bob Mottram cde6282fe6 qtox build with cmake 2017-09-28 17:10:05 +01:00
Bob Mottram 590bcd316c Check that repo clone happens 2017-09-28 15:04:02 +01:00
Bob Mottram c247d4c63d Firewall for mesh tunnel 2017-09-28 14:56:21 +01:00
Bob Mottram d7784143f0 Mesh tunnel 2017-09-28 14:46:29 +01:00
Bob Mottram 0c7e4e499e Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-28 10:45:37 +01:00
Bob Mottram 14a521e770 Mention vpn 2017-09-28 10:42:36 +01:00
Bob Mottram 868fb628a7 Link to latest builds 2017-09-28 10:23:49 +01:00
Bob Mottram f81ab83fdb Link to latest builds 2017-09-28 10:23:12 +01:00
Bob Mottram 01e9b08453 Link to other ARM boards 2017-09-28 10:21:32 +01:00
Bob Mottram eadab12404 Make the list of supported ARM boards more obvious 2017-09-28 10:17:37 +01:00
Bob Mottram a1c5b3132b openvpn logging 2017-09-27 18:35:05 +01:00
Bob Mottram 2e10444237 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-27 18:01:04 +01:00
Bob Mottram 0359de62c1 Mention TLS wrapper 2017-09-27 17:58:18 +01:00
Bob Mottram a326d38eba Documentation on vpn 2017-09-27 17:46:45 +01:00
Bob Mottram 886e9a8c49 Backup and restore stunnel 2017-09-27 15:31:50 +01:00
Bob Mottram a7f783c3a8 Restart openvpn after stunnel install 2017-09-27 15:13:00 +01:00
Bob Mottram 78c55d7e23 Restore vpn server certs 2017-09-27 15:06:53 +01:00
Bob Mottram 1cb7f22109 Shorten paths 2017-09-27 14:56:17 +01:00
Bob Mottram 9229d27db0 Check if vpn dhparams get generated 2017-09-27 14:23:32 +01:00
Bob Mottram 5fac7b57ad Fix vpn configs 2017-09-27 14:16:20 +01:00
Bob Mottram 0d12d944fd Clear after entering vpn settings 2017-09-27 12:44:08 +01:00
Bob Mottram 0c148120d6 Field width 2017-09-27 12:42:36 +01:00
Bob Mottram 9122145f1e Temporary vpn tls port 2017-09-27 12:40:35 +01:00
Bob Mottram 3c9ca52c77 Defailt vpn tls port 2017-09-27 12:36:13 +01:00
Bob Mottram 0e2a95659a Restart nginx if needed after vpn removal 2017-09-26 23:48:05 +01:00
Bob Mottram acd6db9a6c Remove stunnel daemon 2017-09-26 23:44:43 +01:00
Bob Mottram 063bcca516 Regenerating user vpn keys 2017-09-26 23:12:32 +01:00
Bob Mottram d35b5af059 Keep a backup of client keys 2017-09-26 23:05:01 +01:00
Bob Mottram 57f8b11c07 Add tls wrapper to vpn 2017-09-26 22:47:19 +01:00
Bob Mottram b738afa07a Extra vpn settings 2017-09-26 17:12:47 +01:00
Bob Mottram 43c6406e2f Use firewall function for vpn 2017-09-26 16:31:51 +01:00
Bob Mottram 10da38da0c vpn on tcp 2017-09-26 15:51:43 +01:00
Bob Mottram 63df10c225 Original vpn firewall 2017-09-26 15:31:51 +01:00
Bob Mottram 1f79a451b5 Nobody on the client 2017-09-26 14:37:36 +01:00
Bob Mottram f9a6339f14 Include tcp 2017-09-26 14:36:09 +01:00
Bob Mottram 62854406f1 vpn user 2017-09-26 14:25:34 +01:00
Bob Mottram bbb9220883 Use same names as vpn examples 2017-09-26 14:09:51 +01:00
Bob Mottram 8434e38c9e Don't remove user certs 2017-09-26 12:19:06 +01:00
Bob Mottram 193f5aa20c Set maximum vpn clients 2017-09-25 23:35:11 +01:00
Bob Mottram f4281adfcd tcp vpn port 2017-09-25 23:13:36 +01:00
Bob Mottram 874816cd05 nobody 2017-09-25 22:43:50 +01:00
Bob Mottram fdaad4e96f non-interactive vpn install 2017-09-25 22:34:35 +01:00
Bob Mottram 76f8d4e47c Delete existing vpn certs if needed 2017-09-25 22:17:52 +01:00
Bob Mottram 0a44e11e3f Server vpn cert check 2017-09-25 22:13:50 +01:00
Bob Mottram 31fdd2dd2b Additional cert checks 2017-09-25 22:00:52 +01:00
Bob Mottram dea56279e4 Don't use ta.key 2017-09-25 21:54:54 +01:00
Bob Mottram 5ec792bcd6 Stop forwarding when removing vpn 2017-09-25 19:06:00 +01:00
Bob Mottram 00d1e643c6 Starting vpn daemon 2017-09-25 18:42:51 +01:00
Bob Mottram 6cd292e51a Tidying 2017-09-25 17:57:58 +01:00
Bob Mottram dbe966bb90 Tidying 2017-09-25 17:29:27 +01:00
Bob Mottram 496aa4c5dc Log the times when external IP address changes 2017-09-25 17:21:53 +01:00
Bob Mottram d29cc73898 Move external ip function 2017-09-25 17:18:59 +01:00
Bob Mottram e6e7711f65 Only append to firewall list if needed 2017-09-25 17:11:18 +01:00
Bob Mottram e9c47c397e vpn ip range 2017-09-25 17:10:33 +01:00
Bob Mottram 1ed9361f77 Check for versioned configuration 2017-09-25 16:18:37 +01:00
Bob Mottram 26d3d9dcd3 Add vpn port to firewall 2017-09-25 16:04:10 +01:00
Bob Mottram 88814202a6 More carriage returns 2017-09-25 15:46:59 +01:00
Bob Mottram e33b9ff6c5 More carriage returns 2017-09-25 15:45:30 +01:00
Bob Mottram 190e37043d Only generate dhparams if needed 2017-09-25 15:33:00 +01:00
Bob Mottram 334dbce583 Don't need static IP 2017-09-25 15:28:52 +01:00
Bob Mottram 6e15f791d8 Different way of trapping ipv6 address error 2017-09-25 14:54:23 +01:00
Bob Mottram 88d45d0b23 Don't display unreachable address 2017-09-25 14:40:12 +01:00
Bob Mottram d73f5a6785 cron entry to update external IP for vpn 2017-09-25 14:28:18 +01:00
Bob Mottram 7e888f5de5 Better vpn function names 2017-09-25 11:38:39 +01:00
Bob Mottram 6745a21324 External 2017-09-25 11:37:15 +01:00
Bob Mottram 71add55175 More obvious variable name 2017-09-25 11:35:27 +01:00
Bob Mottram aec19a4876 Show external ipv4 address on about screen 2017-09-25 11:10:26 +01:00
Bob Mottram 021a850a5e Change dns used for external IP address detection 2017-09-25 10:52:17 +01:00
Bob Mottram 29671b04ad Store ip address used for forwarding 2017-09-25 10:23:03 +01:00
Bob Mottram 01c182b668 Backup and restore vpn keys 2017-09-24 23:37:41 +01:00
Bob Mottram 54bc008961 Check vpn client template exists 2017-09-24 23:21:46 +01:00
Bob Mottram c432d69551 Remove vpn client keys 2017-09-24 23:12:53 +01:00
Bob Mottram 42a6706480 Year 2017-09-24 22:49:43 +01:00
Bob Mottram 0ceb6e8d59 Add openvpn 2017-09-24 22:48:01 +01:00
Bob Mottram 7bb41c166c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-23 21:47:29 +01:00
Bob Mottram a518657aef Included multiwriter 2017-09-23 21:46:36 +01:00
Bob Mottram 08989af24b Install usb cloning tool on mesh client 2017-09-23 21:43:15 +01:00
Bob Mottram b4d1b8065b mesh quote 2017-09-23 21:23:28 +01:00
Bob Mottram 4c5ef073f4 Use original text 2017-09-23 21:05:26 +01:00
Bob Mottram 315c1fe7af Ten social specifications 2017-09-23 20:46:11 +01:00
Bob Mottram e66e01bbce Fix gitlab searx config 2017-09-23 14:37:21 +01:00
Bob Mottram f97728d95d Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-23 12:43:23 +01:00
Bob Mottram e901851d9c Don't use local search because torify objects to anything local 2017-09-23 12:42:39 +01:00
Bob Mottram fc62fe6bfd Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-23 12:32:48 +01:00
Bob Mottram e766e655f3 Update default search after searx removal 2017-09-23 12:31:56 +01:00
Bob Mottram 1f7c90cd49 Set default search if searx is available 2017-09-23 12:28:57 +01:00
Bob Mottram 5293a3cdf2 Avoid duplicate bashrc entries 2017-09-23 12:24:23 +01:00
Bob Mottram d7abf4dc06 Use searx as default search for users 2017-09-23 12:21:38 +01:00
Bob Mottram 391edfe243 Update default search engine for all users 2017-09-23 12:17:16 +01:00
Bob Mottram 8dd4a651a3 Wording 2017-09-23 11:09:11 +01:00
Bob Mottram 1b14ea302d Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-23 11:05:51 +01:00
Bob Mottram ac69919662 Update searx documentation 2017-09-23 11:03:24 +01:00
Bob Mottram c9f0223c58 Increase dialog size 2017-09-23 10:42:22 +01:00
Bob Mottram a51f70e424 Ability to turn metasearch login on or off 2017-09-23 10:40:30 +01:00
Bob Mottram d128c66ff8 Return to using admin user for the usb canary 2017-09-22 18:32:30 +01:00
Bob Mottram 557d3c4cd5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-22 18:08:36 +01:00
Bob Mottram c759f7939f Don't trigger usb canary if recently rebooted 2017-09-22 18:03:54 +01:00
Bob Mottram dd809e6052 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-22 17:03:15 +01:00
Bob Mottram 30a181f7fc Relead after sysctl changes 2017-09-22 17:02:29 +01:00
Bob Mottram 980689992a Turn off tcp timestamps 2017-09-22 17:00:40 +01:00
Bob Mottram 624a6b4f97 Ensure address space layout randomization 2017-09-22 16:30:57 +01:00
Bob Mottram 2aa8db9684 Ensure that motd gets locked down 2017-09-22 15:40:30 +01:00
Bob Mottram 5660ef3b65 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-22 15:16:54 +01:00
Bob Mottram 4dd8bb7df8 Don't store elinks browsing history 2017-09-22 15:16:08 +01:00
Bob Mottram 124c398720 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-22 13:39:47 +01:00
Bob Mottram 909580a0f1 Footer 2017-09-22 13:18:42 +01:00
Bob Mottram 8eb564d265 Advice on blocking Facebook 2017-09-22 13:11:00 +01:00
Bob Mottram 0061deff3f dd command with sync 2017-09-21 11:11:23 +01:00
Bob Mottram 28711ca1e5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-21 11:06:23 +01:00
Bob Mottram 60f2ac5e2e Extra python packages 2017-09-20 21:30:08 +01:00
Bob Mottram ec755b08cc Install python setuptools 2017-09-20 21:17:11 +01:00
Bob Mottram 0d8aae8576 Armbian setup image 2017-09-20 20:04:06 +01:00
Bob Mottram 9145ba6d06 armbian install instructions 2017-09-20 19:15:36 +01:00
Bob Mottram e6d1ec9a9a Don't include training carriage return on passwords 2017-09-20 15:23:58 +01:00
Bob Mottram a68af68705 Retire armadillo 2017-09-20 15:20:03 +01:00
Bob Mottram ae465fe712 Qvitter url 2017-09-20 15:09:07 +01:00
Bob Mottram 56b5bd42d3 Switch to the backup repo for Qvitter 2017-09-20 14:42:37 +01:00
Bob Mottram 446e05239e Check that qvitter repo was installed 2017-09-19 20:41:41 +01:00
Bob Mottram 919e4b49e6 Don't try to install pleroma on 64bit arm 2017-09-19 19:46:38 +01:00
Bob Mottram 95d12e1384 Optional chroot when installing nodejs 2017-09-19 11:03:45 +01:00
Bob Mottram b853161bd4 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-19 09:50:31 +01:00
Bob Mottram 0871350f21 Different way of installing nodejs 2017-09-18 23:44:12 +01:00
Bob Mottram 14f8abf596 torsocks now needed for torify 2017-09-18 23:13:07 +01:00
Bob Mottram 26a132b5c4 Check the correct email address when generating a gpg key 2017-09-18 22:51:22 +01:00
Bob Mottram 9804c49a2c Check if an error is returned when getting public key ID 2017-09-18 21:36:00 +01:00
Bob Mottram ad02634386 Create a gpg key is the ID isn't found 2017-09-18 21:31:06 +01:00
Bob Mottram 55c76ed6f6 Setup gpg-agent before creating keys 2017-09-18 21:15:18 +01:00
Bob Mottram 98adf1ec5a Ensure that gpg agent is setup when creating backup key 2017-09-18 19:48:06 +01:00
Bob Mottram c01b22cda2 Check for keys after creation 2017-09-18 19:01:58 +01:00
Bob Mottram 352126ba74 Bump go version to support aarch64 2017-09-18 18:49:55 +01:00
Bob Mottram a6ed88fea5 To be on the safe side when detecting 64bit arm #72 2017-09-18 15:50:36 +01:00
Bob Mottram f836b17643 arm64 for nodejs downloads #72 2017-09-18 15:44:59 +01:00
Bob Mottram 52c9c5abc7 Use arm64 golang download for aarch64 #72 2017-09-18 15:38:45 +01:00
Bob Mottram 2e99116062 Select arm downloads for aarch #72 2017-09-18 15:27:11 +01:00
Bob Mottram 9117ee7118 Exit if architecture is not detected for IPFS install 2017-09-18 15:21:27 +01:00
Bob Mottram da5d4d25ba Check that architecture is detected when installing Go #72 2017-09-18 15:11:29 +01:00
Bob Mottram 3039df100b Note about slow opening time of Patchwork 2017-09-18 11:40:52 +01:00
Bob Mottram bf8543e58d Remove ssb files when reseting mesh identity 2017-09-18 11:03:03 +01:00
Bob Mottram 87948da68a Update mesh image hashes 2017-09-17 23:16:21 +01:00
Bob Mottram 717846ec5c List social network as a mesh capability 2017-09-17 21:11:26 +01:00
Bob Mottram 46790f951b Patchwork documentation 2017-09-17 21:05:00 +01:00
Bob Mottram 0f2fb846b3 Check that patchwork directory gets created 2017-09-17 18:16:58 +01:00
Bob Mottram f1199d0d42 rootdir 2017-09-17 18:13:38 +01:00
Bob Mottram 9d3c597519 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-17 17:56:06 +01:00
Bob Mottram b5188d3392 Avoid repeatedly altering desktop file 2017-09-17 17:54:53 +01:00
Bob Mottram 0f72006fd0 Better handling of the social icon on mesh desktop 2017-09-17 17:49:15 +01:00
Bob Mottram 10c3200dd8 Double 2017-09-17 15:53:34 +01:00
Bob Mottram ab283171dd Show desktop icon in the usual mesh manner 2017-09-17 15:52:02 +01:00
Bob Mottram 201321913c Patchwork icon 2017-09-17 15:25:39 +01:00
Bob Mottram bbe9ace696 Reverse logic 2017-09-17 15:22:06 +01:00
Bob Mottram af97157d4a Patchwork desktop icon on mesh client 2017-09-17 15:16:05 +01:00
Bob Mottram 4b5dd72c22 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-17 13:28:35 +01:00
Bob Mottram 2e630eb991 Patchwork commit for dark theme 2017-09-17 13:24:39 +01:00
Bob Mottram 3e4e0c3007 SSB also needs tcp for posts 2017-09-17 11:23:41 +01:00
Bob Mottram 3ebd4d372d Port used for SSB udp broadcasts on lan 2017-09-17 10:57:53 +01:00
Bob Mottram e27f7843ef Install git-ssb on mesh 2017-09-17 10:35:11 +01:00
Bob Mottram 102c98cd3a Larger image size is needed during build 2017-09-16 11:10:59 +01:00
Bob Mottram f5020f8a52 Smaller meshclient image 2017-09-16 10:36:23 +01:00
Bob Mottram c44743a509 Zero initial bytes 2017-09-15 22:20:14 +01:00
Bob Mottram f6810fbba6 Zero the initial drive bytes 2017-09-15 22:15:40 +01:00
Bob Mottram d0eb13b5ec Installing npm on mesh image 2017-09-15 19:50:23 +01:00
Bob Mottram 44d8d33d56 Rebuild electron 2017-09-15 19:21:09 +01:00
Bob Mottram 338dbbe3f9 Add link 2017-09-15 10:29:51 +01:00
Bob Mottram ea29e62157 Question about clearnet domains #71 2017-09-15 10:28:18 +01:00
Bob Mottram c4a8f8718f Include leveldown 2017-09-14 17:20:50 +01:00
Bob Mottram 052e01be4d Ensure npm version doesn't get reverted 2017-09-14 17:18:51 +01:00
Bob Mottram 388f3d6168 Set n architecture 2017-09-14 13:34:22 +01:00
Bob Mottram 33fe399457 Update node version on mesh build 2017-09-14 13:19:30 +01:00
Bob Mottram 15b6762f79 npm architecture 2017-09-14 12:28:14 +01:00
Bob Mottram bee662a55d Different architecture specification method 2017-09-13 23:14:21 +01:00
Bob Mottram 34f82b7d57 Set npm architecture 2017-09-13 22:54:56 +01:00
Bob Mottram 4bef56f305 Try to install electron 2017-09-13 22:19:19 +01:00
Bob Mottram 370561d40f Tidying of mesh install of nodejs 2017-09-13 20:10:28 +01:00
Bob Mottram 3555879d7c global 2017-09-13 19:22:04 +01:00
Bob Mottram 223d0b7dcb Electron version 2017-09-12 22:29:34 +01:00
Bob Mottram 575f0b29e8 Install electron for SSB on mesh 2017-09-12 22:16:12 +01:00
Bob Mottram 164481ce2e Different way of setting the npm version 2017-09-12 20:00:46 +01:00
Bob Mottram c6b7001cab npm version 2017-09-12 19:41:14 +01:00
Bob Mottram 0c0e2b9ecc Tidying 2017-09-12 18:52:55 +01:00
Bob Mottram cd143fdefc Specify npm version 2017-09-12 18:50:14 +01:00
Bob Mottram 1fd767b7c3 Check for presence of node 2017-09-12 16:31:20 +01:00
Bob Mottram e58eef0651 Search for node 2017-09-12 16:04:12 +01:00
Bob Mottram 6756137f15 Install npm in mesh image 2017-09-12 14:51:37 +01:00
Bob Mottram 90e086eb88 quiet 2017-09-12 14:17:37 +01:00
Bob Mottram 15de7db0ea install 2017-09-12 14:05:58 +01:00
Bob Mottram c8e0dae841 Try installing patchwork on mesh images 2017-09-12 13:54:23 +01:00
Bob Mottram db7e7f1e5a Tidying 2017-09-12 13:39:30 +01:00
Bob Mottram 6e2c4348e3 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-12 11:54:37 +01:00
Bob Mottram 78cfd5ad10 faq entry on Tor integration #71 2017-09-12 11:53:57 +01:00
Bob Mottram 9de00eea27 More explanation about what the onion build option means #71 2017-09-12 10:08:36 +01:00
Bob Mottram 9a5eb8c89b More verbose onion build option #71 2017-09-12 09:49:47 +01:00
Bob Mottram 3901ed9c53 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-10 17:05:00 +01:00
Bob Mottram a30668346a lockdown any node modules 2017-09-10 17:04:02 +01:00
Bob Mottram d35e9be67d Show libs with bad permissions 2017-09-10 16:33:13 +01:00
Bob Mottram 79ddfdf178 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-07 11:34:45 +01:00
Bob Mottram d8c4860f90 Restore from repos 2017-09-07 11:23:38 +01:00
Bob Mottram 3f5a1bfdd8 Restart gogs after restore 2017-09-07 11:11:39 +01:00
Bob Mottram 282d45cd64 Reverse logic 2017-09-07 11:01:42 +01:00
Bob Mottram 9085239218 Restore gogs config 2017-09-07 10:58:09 +01:00
Bob Mottram 11e6257545 Move gogs repos back after upgrade 2017-09-07 10:50:18 +01:00
Bob Mottram 69e56f4443 Set gogs permissions after upgrade 2017-09-07 10:37:38 +01:00
Bob Mottram 70f7e73974 Check that gogs ini file gets copied on upgrade 2017-09-07 10:24:31 +01:00
Bob Mottram ceaceb4c3d Bump gogs version 2017-09-07 10:13:34 +01:00
Bob Mottram 4ad9f08683 Tripwire final install 2017-09-03 18:22:59 +01:00
Bob Mottram 43276c058b Bump gnusocial commit 2017-09-03 18:01:35 +01:00
Bob Mottram aee80c4fb9 Switch query sequence 2017-09-03 17:46:03 +01:00
Bob Mottram 27708b3135 Extra backslash 2017-09-03 16:59:29 +01:00
Bob Mottram 3fcdc6f2f1 Remove @ replies for blocked users 2017-09-03 16:22:09 +01:00
Bob Mottram 8adf27e743 Tidying 2017-09-03 11:22:41 +01:00
Bob Mottram 387ae1d2cd Tidying 2017-09-03 11:20:52 +01:00
Bob Mottram c0d73e0169 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-03 11:06:23 +01:00
Bob Mottram 249d56eb24 Ensure no carriage return in qr code 2017-09-03 11:02:50 +01:00
Bob Mottram 1d441d393d Wait for keypress when displaying qr code 2017-09-03 10:55:04 +01:00
Bob Mottram 863ad4c343 Show syncthing QR code 2017-09-03 10:52:30 +01:00
Bob Mottram 2bd220ab5c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-09-01 12:25:44 +01:00
Bob Mottram 7e5401e8cc Tidying 2017-09-01 12:24:56 +01:00
Bob Mottram ca5428ca33 Remove xinetd when fixing stig tests, since it causes a violation 2017-09-01 11:05:05 +01:00
Bob Mottram eacb504795 Reverse logic 2017-08-31 19:48:56 +01:00
Bob Mottram 306ef598bf Restart daemon after email config changes 2017-08-31 19:46:25 +01:00
Bob Mottram 8a88f5ff35 Move tls function to be accessible to upgrade 2017-08-31 19:44:16 +01:00
Bob Mottram e24f7303aa Change email settings during upgrades 2017-08-31 19:41:41 +01:00
Bob Mottram 268fb4cc6f Improve email tls config 2017-08-31 19:39:28 +01:00
Bob Mottram 9e46fb82c2 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-29 11:49:44 +01:00
Bob Mottram 8c4f835657 It seems common for postactiv repos to be unavailable, so don't include them in the image 2017-08-29 11:49:02 +01:00
Bob Mottram 09e8c010e4 Support for pcduino3 board 2017-08-27 19:46:27 +01:00
Bob Mottram 278b409e44 Workaround for nginx failures when resetting tripwire 2017-08-27 12:40:53 +01:00
Bob Mottram 6acbc2118b Set integration server parameters to empty strings 2017-08-27 12:33:27 +01:00
Bob Mottram 0afea118c4 Bump matrix commit 2017-08-27 12:20:43 +01:00
Bob Mottram 435a8c4a6f Update riot hash 2017-08-27 11:50:59 +01:00
Bob Mottram 0d23690b44 Bump riot version 2017-08-27 11:48:47 +01:00
Bob Mottram 69dc61f029 Remove guix
This isn't really suitable, since it builds the entire toolchain from scratch. On a BBB that could take weeks
2017-08-26 22:00:55 +01:00
Bob Mottram 30e62efa37 guix paths 2017-08-26 19:08:41 +01:00
Bob Mottram 88f80ed6b4 Typo 2017-08-26 18:58:09 +01:00
Bob Mottram e8aa014c6c Fix guix systemd daemon 2017-08-26 18:56:59 +01:00
Bob Mottram cdbf4de7e0 Install guix within image 2017-08-26 18:51:45 +01:00
Bob Mottram a609d7b5bc Tidying 2017-08-26 18:18:50 +01:00
Bob Mottram 3edcda63d3 Function to install guix 2017-08-26 16:30:57 +01:00
Bob Mottram e9dc1550df Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-26 10:25:35 +01:00
Bob Mottram 7b8c8aef58 room expire script for matrix 2017-08-26 10:24:39 +01:00
Bob Mottram 0d8f68bd3d Remove obnam package 2017-08-25 18:27:12 +01:00
Bob Mottram 08959ac1bb Switch backup system to duplicity 2017-08-25 17:38:13 +01:00
Bob Mottram 52bf32cb28 Restore using absolute or relative path
Obnam restores with the full path. duplicity restores with the relative path
2017-08-25 17:35:33 +01:00
Bob Mottram 4fc1ad9543 Restoring cryptpad with duplicity style directory 2017-08-25 11:50:09 +01:00
Bob Mottram 4890393e4c Restoring cryptpad with duplicity style directory 2017-08-25 11:47:25 +01:00
Bob Mottram 99d7f7baa6 gpg passphrase 2017-08-25 11:09:46 +01:00
Bob Mottram 85043cf1a2 Backup system agnostic comments 2017-08-25 10:38:37 +01:00
Bob Mottram d9322df7b4 Deprecated gpg option 2017-08-24 17:07:02 +01:00
Bob Mottram 1e0ca1c3e2 duplicity gpg options 2017-08-24 17:03:38 +01:00
Bob Mottram 09d6beddb2 Check for backup failures 2017-08-24 16:24:25 +01:00
Bob Mottram a8e7aeb497 Temp directory for duplicity 2017-08-24 15:52:15 +01:00
Bob Mottram 53ca037736 Prepare for the return of duplicity 2017-08-24 13:56:00 +01:00
Bob Mottram 83ca113ef7 guile path 2017-08-23 22:00:58 +01:00
Bob Mottram ad1388da3d Note about https 2017-08-23 19:24:06 +01:00
Bob Mottram 12f35d5b29 Update riot version 2017-08-23 17:32:44 +01:00
Bob Mottram 3cdf3e45a5 Beginning of guile support 2017-08-23 17:30:13 +01:00
Bob Mottram 85757ed3ed Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-22 10:51:36 +01:00
Bob Mottram 36d73b2a6c Note about hosts file for pi-hole 2017-08-22 10:51:03 +01:00
Bob Mottram c72c4fe754 Typo 2017-08-21 22:43:44 +01:00
Bob Mottram fe107b6fe5 Update pihole setup instructions 2017-08-21 22:32:11 +01:00
Bob Mottram 79dd2521db Bump pihole commit 2017-08-21 21:45:27 +01:00
Bob Mottram 74bc296552 Bump gnusocial and pleroma commits 2017-08-21 21:11:56 +01:00
Bob Mottram 1e489fdeb0 Block some other cryptpad links, so that the version number isn't obvious 2017-08-18 13:00:53 +01:00
Bob Mottram d66536ab40 No cryptpad login screen 2017-08-18 12:55:53 +01:00
Bob Mottram 43bd30463e Bump cryptpad commit 2017-08-18 12:18:02 +01:00
Bob Mottram 5f59166a88 ghost version 2017-08-17 19:30:45 +01:00
Bob Mottram 5db39cb66e Keep track of ghost version
So that we're not upgrading every time
2017-08-17 19:24:49 +01:00
Bob Mottram 8c0afcc08e Adding matrix users 2017-08-17 19:01:00 +01:00
Bob Mottram 0e36a43ae0 Adding matrix user 2017-08-17 18:22:37 +01:00
Bob Mottram a7a9981d0e Read matrix domain 2017-08-17 18:19:06 +01:00
Bob Mottram b4b9c54c81 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-16 18:24:49 +01:00
Bob Mottram 81295daf47 More ghost busting 2017-08-16 18:22:41 +01:00
Bob Mottram 619834af05 Set ghost permissions after upgrade 2017-08-16 18:12:00 +01:00
Bob Mottram f4be3b85c0 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-13 11:31:34 +01:00
Bob Mottram 3afb3077c8 postactiv expire script during backups 2017-08-13 11:30:02 +01:00
Bob Mottram e30de6328f gnusocial expire script during backups 2017-08-13 11:28:59 +01:00
Bob Mottram 801aab4f9f Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-11 10:40:32 +01:00
Bob Mottram 9c1e131e4d Hold prosody package so that it doesn't update 2017-08-11 10:38:40 +01:00
Bob Mottram cfd0175f4f Copy prosody modules to both directories 2017-08-11 10:37:11 +01:00
Bob Mottram 1d4f6fadf4 prosody version 2017-08-11 10:04:01 +01:00
Bob Mottram daa36d9f5a Matrix logging 2017-08-10 14:27:04 +01:00
Bob Mottram b5b84a7127 Clear down GS/pA posts daily 2017-08-10 13:32:02 +01:00
Bob Mottram c15772bd21 Read GS/pA expire value 2017-08-10 13:20:11 +01:00
Bob Mottram 2419c5ad32 Shorten time for expiring gnusocial files 2017-08-10 13:16:38 +01:00
Bob Mottram 6c904ee967 We don't really need to backup mailpile 2017-08-09 23:30:36 +01:00
Bob Mottram 364b57a3d9 Turn off magic sysrq 2017-08-09 17:46:09 +01:00
Bob Mottram 850d5628a8 Don't panic! 2017-08-09 17:34:44 +01:00
Bob Mottram 46b37c96c1 Manual hash check after verify 2017-08-09 11:29:56 +01:00
Bob Mottram 659e49c477 Check a given hash against the tripwire database 2017-08-09 11:27:13 +01:00
Bob Mottram adef1bb88f Turn off ssl in dovecot when using mailpile 2017-08-08 21:18:52 +01:00
Bob Mottram acebf591bc Mailpile user permissions 2017-08-08 21:16:07 +01:00
Bob Mottram d93167fa60 Bump mailpile commit 2017-08-08 20:21:34 +01:00
Bob Mottram 2325be1f58 Nextcloud upgrade command 2017-08-08 19:24:47 +01:00
Bob Mottram 963d382d22 bump nextcloud commit 2017-08-08 18:59:28 +01:00
Bob Mottram f9f27765d1 More specific 2017-08-08 17:39:19 +01:00
Bob Mottram ff042c03b3 nextcloud advisory 2017-08-08 17:18:43 +01:00
Bob Mottram 4efb04dce5 Additional tripwire rules 2017-08-08 13:26:39 +01:00
Bob Mottram 825fa10d23 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-08 11:06:57 +01:00
Bob Mottram 32d89e951f Fix nextcloud leak of version information
This could be of obvious use to adversaries
2017-08-08 11:05:25 +01:00
Bob Mottram 85e9e38dc5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-07 22:05:35 +01:00
Bob Mottram 70813b5a65 Setting prosody group 2017-08-07 21:40:19 +01:00
Bob Mottram 5096ba9cc1 Tidying 2017-08-07 21:29:31 +01:00
Bob Mottram 68bbd5e693 Updating gpg keys 2017-08-07 19:04:16 +01:00
Bob Mottram 99d88d8792 Don't update certs on upgrade 2017-08-07 18:45:39 +01:00
Bob Mottram d3b3bd1d9b Try without the pep dance 2017-08-07 18:15:36 +01:00
Bob Mottram c80feb6768 Only update logindefs when needed 2017-08-07 17:31:37 +01:00
Bob Mottram 51de0ff9b3 grep string 2017-08-07 15:17:41 +01:00
Bob Mottram ee6925eeb6 Test for predictable device names 2017-08-07 14:46:08 +01:00
Bob Mottram 90dc589eb9 Removing of bluetooth kernel module 2017-08-07 14:18:59 +01:00
Bob Mottram 8c5aaeddc0 fail2ban isn't useful when logging is turned off most of the time 2017-08-07 13:56:25 +01:00
Bob Mottram fb811406e9 Include utils in logging command
So that functions can be called by logging app routines
2017-08-07 13:42:05 +01:00
Bob Mottram a59a84a0a3 kanboard logging functions 2017-08-07 13:32:16 +01:00
Bob Mottram 22557c6359 Don't repeatedly try to install amd64 kernel 2017-08-07 13:16:47 +01:00
Bob Mottram 0ee00f775c Ownership of ghost binary 2017-08-07 10:51:21 +01:00
Bob Mottram 079c5acc78 Show non-root files in stig result 2017-08-07 10:48:38 +01:00
Bob Mottram b8a873f9d2 Show non-root files on stig test 2017-08-07 10:34:49 +01:00
Bob Mottram b654846c86 Fix typo 2017-08-06 21:21:51 +01:00
Bob Mottram db322c02d3 keyserver database gets cleaned up anyway via the daily sks script 2017-08-06 21:07:02 +01:00
Bob Mottram bb64427344 Reverse logic 2017-08-06 17:12:03 +01:00
Bob Mottram 66f784ed55 Only change xmpp config if needed 2017-08-06 14:34:48 +01:00
Bob Mottram 5950438ced Fix account required 2017-08-06 13:50:52 +01:00
Bob Mottram 267851bd89 Only alter fstab if needed 2017-08-06 12:50:31 +01:00
Bob Mottram 42754613df xmpp logging conditions 2017-08-05 23:30:38 +01:00
Bob Mottram c8de324376 Only change login umask when needed 2017-08-05 23:16:37 +01:00
Bob Mottram f7f323b763 Only change pam values when needed 2017-08-05 23:13:28 +01:00
Bob Mottram c1650ae415 Only update limits when needed 2017-08-05 23:07:31 +01:00
Bob Mottram 7e24becb9c Only disable ctrl-alt-del once 2017-08-05 23:00:46 +01:00
Bob Mottram 259e061dcf Turing rsyslog on or off 2017-08-05 22:23:52 +01:00
Bob Mottram bd86c4b19a Only remove motd instructions once 2017-08-05 22:15:32 +01:00
Bob Mottram c713c613c9 Don't repeatedly config congestion control 2017-08-05 22:11:02 +01:00
Bob Mottram bbcc17f2d1 Only copy files which have changed 2017-08-05 21:16:37 +01:00
Bob Mottram f703a95971 Only copy stig tests script if it changes 2017-08-05 20:41:21 +01:00
Bob Mottram 9cf9388131 Indicate permissions lockdown 2017-08-05 20:24:46 +01:00
Bob Mottram 50867e7770 Clear before lockdown 2017-08-05 20:22:45 +01:00
Bob Mottram 1b6782f12a Remove clears 2017-08-05 20:21:14 +01:00
Bob Mottram a15759e394 Lockdown before tripwire reset 2017-08-05 20:13:11 +01:00
Bob Mottram db091e1d72 Only update files when they change 2017-08-05 20:08:57 +01:00
Bob Mottram 7586c716d4 Only copy cleanup script if it has changed 2017-08-05 18:01:56 +01:00
Bob Mottram 6122296b59 Only copy email archiving script if it has changed 2017-08-05 17:55:02 +01:00
Bob Mottram 5914a8c190 Check inadyn commit 2017-08-05 17:48:08 +01:00
Bob Mottram 8aec3e3da3 Tripwire ignores global node modules 2017-08-05 17:25:27 +01:00
Bob Mottram 6e57b1b33b Don't lockdown on upgrade 2017-08-05 16:59:13 +01:00
Bob Mottram b432410716 Fixing tripwire policy 2017-08-05 16:13:43 +01:00
Bob Mottram b7f63f6ff1 Directory name 2017-08-05 14:27:41 +01:00
Bob Mottram cd96dc6fd7 No routing 2017-08-05 14:21:35 +01:00
Bob Mottram 8f1df8243d tripwire exclusions to avoid triggering on routine updates 2017-08-05 14:10:44 +01:00
Bob Mottram 61d555737e Don't show tripwire code if database file doesn't exist 2017-08-05 13:32:34 +01:00
Bob Mottram d9adff3a9e Option to verify the tripwire code 2017-08-05 13:30:58 +01:00
Bob Mottram 99479d6448 Stray tld 2017-08-05 13:19:16 +01:00
Bob Mottram 31e7b8d619 tripwire qr code verification 2017-08-05 13:15:35 +01:00
Bob Mottram 0aeeafa2ab Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-05 11:37:41 +01:00
Bob Mottram f2c17eddd5 Message at the end of tripwire reset 2017-08-05 11:33:13 +01:00
Bob Mottram 0485e73a7d More comprehensive tripwire reset 2017-08-05 11:26:24 +01:00
Bob Mottram 07942a701b End of fixes message 2017-08-05 10:07:33 +01:00
Bob Mottram 75d6de301b Menu option to fix stig test failures 2017-08-05 10:00:34 +01:00
Bob Mottram 80be052424 Don't try to fix stig failures because this triggers the tripwire 2017-08-05 09:56:13 +01:00
Bob Mottram 26b80c868f Don't need this if email is configured properly 2017-08-04 23:50:58 +01:00
Bob Mottram 1d3e165d2d Don't need daily sks script because an equivalent one is already installed by the debian package 2017-08-04 23:34:42 +01:00
Bob Mottram 50f29ef374 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-04 21:42:05 +01:00
Bob Mottram cc922b3b56 Support different languages for mutt spell checking 2017-08-04 21:41:40 +01:00
Bob Mottram 19c99e8d5a Emacs spell checking 2017-08-04 21:04:19 +01:00
Bob Mottram 87f354e669 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-04 18:29:14 +01:00
Bob Mottram 144fae7bae tripwire check 2017-08-04 18:28:43 +01:00
Bob Mottram 6fc1e1e967 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-04 18:14:40 +01:00
Bob Mottram 23f541964e Add tripwire check as a cron job 2017-08-04 18:12:01 +01:00
Bob Mottram 4bf48b5801 Reset tripwire 2017-08-03 21:32:18 +01:00
Bob Mottram 962cb6cf13 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-08-01 10:12:04 +01:00
Bob Mottram da30734ba9 Stop ghost before updating 2017-08-01 09:49:42 +01:00
Bob Mottram 14afd04473 cryptpad 1.12.0 2017-08-01 09:38:27 +01:00
Bob Mottram 70295790a0 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-31 14:51:13 +01:00
Bob Mottram ac22ebb9b8 Remove links to feedly from ghost blog 2017-07-31 14:50:32 +01:00
Bob Mottram 79ef8f79fc Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-31 12:52:09 +01:00
Bob Mottram 9dd54f5c32 facepalm 2017-07-31 12:50:50 +01:00
Bob Mottram 6897652c86 keyserver buffer size limit 2017-07-31 12:39:20 +01:00
Bob Mottram 9b6be8dce3 Data limits on keyserver web interface 2017-07-31 12:34:11 +01:00
Bob Mottram a361727da6 Clear out keyserver logs more frequently and make sure that sks daemon is stopped when clearing 2017-07-31 11:53:03 +01:00
Bob Mottram ccb32bc1a3 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-31 10:24:39 +01:00
Bob Mottram 4398c8b976 Don't need sks repo 2017-07-31 10:23:00 +01:00
Bob Mottram f396203257 Fix ghost 2017-07-30 22:08:47 +01:00
Bob Mottram 11b01bfe25 Also upgrade ghost-cli 2017-07-30 18:32:20 +01:00
Bob Mottram 332ae3e37a Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-30 18:20:40 +01:00
Bob Mottram de37fbc633 Move the image 2017-07-30 18:19:21 +01:00
Bob Mottram 241ccb9803 keyserver documentation 2017-07-30 18:13:18 +01:00
Bob Mottram 81be48d180 Enable sks after restore 2017-07-30 16:55:53 +01:00
Bob Mottram 43a44a1186 Watchdog to disable keyserver if the database becomes too large 2017-07-30 16:38:49 +01:00
Bob Mottram 4cdef1e0b4 Remove keyserver key 2017-07-30 16:15:17 +01:00
Bob Mottram 0607a26ea8 Remove any keyserver log files during upgrades 2017-07-30 14:29:10 +01:00
Bob Mottram 9ce7e29174 Remove keyserver log files before backup 2017-07-30 14:27:15 +01:00
Bob Mottram a03db43778 keyserver debug level 2017-07-30 14:10:05 +01:00
Bob Mottram efa7548513 log diffs setting 2017-07-30 14:01:58 +01:00
Bob Mottram 20cb78e653 keyserver description 2017-07-30 13:59:34 +01:00
Bob Mottram 6a85df523b More keyserver checks 2017-07-30 13:15:33 +01:00
Bob Mottram 496667d47d Complain about malformed email addresses 2017-07-30 12:52:43 +01:00
Bob Mottram 006d355377 Extra email check 2017-07-30 12:48:41 +01:00
Bob Mottram d81cea2fe9 Include optional mailsync address when adding other keyserver 2017-07-30 12:45:51 +01:00
Bob Mottram efe6c6f315 Backup and restore sks config files 2017-07-30 12:19:52 +01:00
Bob Mottram 972e9b463b Extra keyserver settings 2017-07-30 12:02:27 +01:00
Bob Mottram 0bbfd412b5 Don't backup infeasibly large keyserver databases 2017-07-30 11:08:30 +01:00
Bob Mottram fe024046ec Backup and restore for keyserver 2017-07-30 10:34:44 +01:00
Bob Mottram 5122bdbc48 keyserver active on port 80
Without this commandline interaction doesn't work
2017-07-29 22:44:45 +01:00
Bob Mottram 342b1fc328 Fixing keyserver 2017-07-29 21:28:24 +01:00
Bob Mottram 8c12c0f195 Edit keyserver sync servers 2017-07-29 15:37:42 +01:00
Bob Mottram 8b39a6d211 Add sync keyservers 2017-07-29 15:19:29 +01:00
Bob Mottram 4b9cf813cd Duplicate port 2017-07-28 23:34:40 +01:00
Bob Mottram 8f280c82e0 keyserver listening ports 2017-07-28 23:14:12 +01:00
Bob Mottram 3a75c54d24 Show sks keyserver onion address on about screen 2017-07-28 23:03:31 +01:00
Bob Mottram dfe18fb802 Keep track of sks onion domain 2017-07-28 22:57:40 +01:00
Bob Mottram 73397491f5 Onion servive for keyserver 2017-07-28 22:52:38 +01:00
Bob Mottram 3714095c0d Firewall for keyserver 2017-07-28 22:46:36 +01:00
Bob Mottram 077d14df35 Documentation for keyserver 2017-07-28 22:42:48 +01:00
Bob Mottram ae62a45f70 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-28 22:05:24 +01:00
Bob Mottram 62da06d236 typo 2017-07-28 22:03:12 +01:00
Bob Mottram d2af928664 Change name on keyserver 2017-07-28 22:01:35 +01:00
Bob Mottram e5b0ae0abd Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-28 21:43:40 +01:00
Bob Mottram 79cfba462d Download keyserver dump using date
Because downloading the full data will likely take longer than a day
2017-07-28 21:39:29 +01:00
Bob Mottram 79b5bd818e Simplify keyserver install 2017-07-28 21:06:46 +01:00
Bob Mottram ad4b4c61fd Check directories 2017-07-28 20:16:20 +01:00
Bob Mottram e7e69d4877 Add dialog asking to continue with download 2017-07-28 20:02:25 +01:00
Bob Mottram 18ad18de7d Move database import to interactive 2017-07-28 19:57:21 +01:00
Bob Mottram 17dd9b26f8 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-28 15:30:43 +01:00
Bob Mottram 19f431b7b5 No mariadb restart needed 2017-07-28 15:27:14 +01:00
Bob Mottram 810e346f69 Set directories for search 2017-07-28 15:17:49 +01:00
Bob Mottram 3609e4c952 Upgrade ghost install to 1.x type 2017-07-28 14:51:24 +01:00
Bob Mottram 74cb0c0493 Some extra packages for ghost 2017-07-28 11:42:21 +01:00
Bob Mottram 01e5748db7 Bump ghost version 2017-07-28 11:28:08 +01:00
Bob Mottram 388a4c8885 Backup the database and content subdirectory for ghost 2017-07-28 11:17:47 +01:00
Bob Mottram 69fb3e5d38 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-27 21:57:28 +01:00
Bob Mottram 14efdb6a2f keyserver 2017-07-27 21:54:08 +01:00
Bob Mottram d9d93b18a7 sks keyserver app 2017-07-27 21:51:12 +01:00
Bob Mottram c33f236ed5 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-27 15:34:32 +01:00
Bob Mottram f0998ddcbc Fix typo 2017-07-27 15:20:33 +01:00
Bob Mottram 2469051cd8 Cryptpad screenshot 2017-07-27 15:17:11 +01:00
Bob Mottram 29bae785aa Upgrade sequence 2017-07-27 14:57:26 +01:00
Bob Mottram b7720972cd Needs bower install 2017-07-27 14:50:12 +01:00
Bob Mottram 7a496ecb40 Install after cryptpad upgrade 2017-07-27 14:41:14 +01:00
Bob Mottram 04bc4393f0 Bump cryptpad commit 2017-07-27 14:35:30 +01:00
Bob Mottram 351c8fa5b6 kanboard documentation 2017-07-25 23:26:08 +01:00
Bob Mottram dd04199b4a Install composer 2017-07-25 22:11:03 +01:00
Bob Mottram dc4f99a740 Dialog proportions 2017-07-25 21:51:48 +01:00
Bob Mottram 59455534ad No background image 2017-07-25 21:46:13 +01:00
Bob Mottram ae396b0e63 code index 2017-07-25 21:42:08 +01:00
Bob Mottram 21d1f73df6 kanboard app 2017-07-25 21:39:27 +01:00
Bob Mottram f748e4ebcc Don't set profanity gpg key by default so that screen refresh bug doesn't happen 2017-07-25 10:44:21 +01:00
Bob Mottram ed5e451b82 Update profanity commits 2017-07-25 10:16:19 +01:00
Bob Mottram 812f5de7f2 Beginning of wekan 2017-07-25 10:13:58 +01:00
Bob Mottram 2240241ca2 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-22 18:31:56 +01:00
Bob Mottram c63b3abe8b Switch to BBR congestion control 2017-07-22 18:31:11 +01:00
Bob Mottram cad729aa76 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-20 22:47:09 +01:00
Bob Mottram cbcdc4dd40 Adding users to the blocklist 2017-07-20 22:43:18 +01:00
Bob Mottram d5618fbb8a Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-20 16:02:57 +01:00
Bob Mottram df3df89fa8 Riot filename changed 2017-07-20 15:35:24 +01:00
Bob Mottram 47ff7bda86 Update riot version 2017-07-20 15:32:27 +01:00
Bob Mottram c1fe3cde61 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-20 14:44:06 +01:00
Bob Mottram 4044312ff8 Remove ads and a few other images
All I can say is that it seemed like a good idea at the time, but my design skills are lousy and spamming streams with ads would certainly be counterproductive, even if they're ads for Free Software
2017-07-20 14:43:34 +01:00
Bob Mottram 7c91136e94 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-20 14:25:58 +01:00
Bob Mottram fec9ff29a1 Bring README into line with the website 2017-07-20 14:25:26 +01:00
Bob Mottram c33d3ac1d2 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-18 13:17:53 +01:00
Bob Mottram 6e535f2eab Upgrading GS/pA 2017-07-18 13:15:24 +01:00
Bob Mottram e6ef9d9a7d Mention free drivers 2017-07-18 12:47:45 +01:00
Bob Mottram 48a3e58ff3 Markdown format 2017-07-18 12:43:38 +01:00
Bob Mottram 2ebbb98ae1 Contributing suggestions 2017-07-18 12:41:02 +01:00
Bob Mottram 70199d2a07 Principle of self-management 2017-07-18 11:19:32 +01:00
Bob Mottram baa495a58e CoC substitute 2017-07-18 10:41:52 +01:00
Bob Mottram fd306f394d Minimum data retention 2017-07-18 10:41:34 +01:00
Bob Mottram fd6b1b9418 Substitute for a code of conduct 2017-07-18 10:23:10 +01:00
Bob Mottram 2cee73ca8e flash bbb wireless kernel 2017-07-17 15:30:09 +01:00
Bob Mottram 28211221ba Package not needed 2017-07-17 14:51:21 +01:00
Bob Mottram 745ee6019e Hotspot setup for bbb wireless 2017-07-17 14:17:13 +01:00
Bob Mottram a6c6841a13 Permissions on profile 2017-07-15 17:33:02 +01:00
Bob Mottram d551818ff0 Support 256 colours in the terminal 2017-07-15 17:27:52 +01:00
Bob Mottram aa87b5c188 Add next year archive after previous one 2017-07-15 14:54:53 +01:00
Bob Mottram 2b485eeb7d Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-15 11:39:15 +01:00
Bob Mottram 59f018b336 Set site key filename 2017-07-15 11:37:41 +01:00
Bob Mottram 87ea6e3408 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-15 11:27:02 +01:00
Bob Mottram a752130127 Checks when resetting tripwire 2017-07-15 11:25:57 +01:00
Bob Mottram 33fe2af78c Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-15 11:15:49 +01:00
Bob Mottram 9741890691 stig test for tripwire database 2017-07-15 11:10:40 +01:00
Bob Mottram 054c452d71 Not using aide
Check for tripwire cron entry instead
2017-07-15 10:30:02 +01:00
Bob Mottram 2f1ad05c6a Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-14 23:43:59 +01:00
Bob Mottram f3d6fc59f2 Braces 2017-07-14 23:42:04 +01:00
Bob Mottram 31f8d72c92 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-14 22:49:19 +01:00
Bob Mottram f6f104078a Fixing tripwire installation 2017-07-14 22:42:31 +01:00
Bob Mottram ee2f4fb4f8 More word combinations 2017-07-13 14:39:39 +01:00
Bob Mottram 9807c230c6 Replace Facebook 2017-07-13 14:34:36 +01:00
Bob Mottram 1547479013 Merge branch 'stretch' of https://github.com/bashrc/freedombone 2017-07-12 19:54:54 +01:00
Bob Mottram 5104a16044 Update quitter commit for bug fix 2017-07-12 19:40:48 +01:00
Bob Mottram b5791cf935 gnusocial fix for timeout issue https://git.gnu.io/gnu/gnu-social/issues/281 2017-07-11 11:33:05 +01:00
Bob Mottram fe947081ff Bump gnusocial commit 2017-07-10 21:51:32 +01:00
Bob Mottram 3b56496cfb Add php timeout to nginx 2017-07-10 19:51:11 +01:00
Bob Mottram e941516024 php process timeout 2017-07-10 18:30:09 +01:00
Bob Mottram d96d5bcf23 Ensure correct prosody modules are loaded 2017-07-10 16:36:14 +01:00
Bob Mottram fdef7c93d7 Change php to static processes 2017-07-10 12:40:16 +01:00
Bob Mottram 00a4467d27 Firewall for IP addresses 2017-07-10 11:29:29 +01:00
Bob Mottram 7552dc20fc More php settings 2017-07-10 10:22:37 +01:00
Bob Mottram 79dcd6ac15 Don't install havege on VMs 2017-07-10 10:08:56 +01:00
Bob Mottram beb4a88bd2 php systemd interval 2017-07-10 09:58:44 +01:00
Bob Mottram 87098a72ed Bump gnusocial commit 2017-07-09 20:39:41 +01:00
Bob Mottram a30f9a9146 Fix gnusocial post expiry script 2017-07-09 17:36:36 +01:00
Bob Mottram 5d872f0204 Switch command order
So that files definitely expore even if the sql access fails
2017-07-09 17:19:26 +01:00
Bob Mottram 3b5170c70a Don't backup more data than necessary 2017-07-09 17:06:07 +01:00
Bob Mottram 73cfa41352 Backup only the necessary postactiv data
Not all the files
2017-07-09 16:05:18 +01:00
Bob Mottram 9030522b3a Backup only the necessary gnusocial data
Not all the files
2017-07-09 15:56:44 +01:00
Bob Mottram dc2c19e73f Ownership of background image 2017-07-09 14:07:44 +01:00
Bob Mottram 0886f73816 Simplify 2017-07-09 13:54:33 +01:00
Bob Mottram bfc1dae28d Executable folders 2017-07-09 13:42:45 +01:00
Bob Mottram 30e2887310 Bump pleroma commit 2017-07-09 13:34:50 +01:00
Bob Mottram 410c13d680 Change permissions after changing gnusocial UI 2017-07-09 13:17:19 +01:00
Bob Mottram fa1e8e5814 Delete freedns file after use 2017-07-09 10:57:57 +01:00
Bob Mottram 12588382ab Delete freedns file after use 2017-07-09 10:49:14 +01:00
Bob Mottram d2f2c5edb1 Include realtek in wifi drivers 2017-07-04 15:02:35 +01:00
Bob Mottram e9d21d9fce Separate mesh hotspot channel 2017-07-04 12:47:07 +01:00
Bob Mottram 8f109b2b18 Add ffmpeg to koel 2017-07-04 11:16:51 +01:00
Bob Mottram f4a75d934a Still need build-essential 2017-07-04 10:15:10 +01:00
Bob Mottram abcd167191 Update hashes 2017-07-04 10:11:15 +01:00
Bob Mottram d423fecbb6 Add boot issue to faq 2017-07-03 21:04:13 +01:00
Bob Mottram e610ebbcda Update grub at the end of mesh install 2017-07-03 20:56:12 +01:00
Bob Mottram f9616ceedc Notes on boot trouble with mesh images 2017-07-03 20:50:55 +01:00
Bob Mottram c555943c8a initramfs tools on non-uboot systems 2017-07-03 18:49:33 +01:00
Bob Mottram 6983eda8aa Mention multiwriter 2017-07-03 16:33:03 +01:00
Bob Mottram 6b4bf8e0b8 Mesh blurb 2017-07-03 12:55:57 +01:00
Bob Mottram 27146f3e25 Update hash 2017-07-03 12:40:16 +01:00
Bob Mottram 33dfc726b8 Update documentation for v3 2017-07-03 12:29:43 +01:00
Bob Mottram 55377bde8d Update mesh instructions for v3 2017-07-03 12:19:19 +01:00
Bob Mottram bfe5ec416e Update mesh instructions for v3 2017-07-03 12:17:40 +01:00
Bob Mottram 39dcd34200 pulseaudio control on mesh clients 2017-07-02 19:04:07 +01:00
Bob Mottram aaf2f67f0a Tidying 2017-07-02 17:48:31 +01:00
Bob Mottram 08b2b1a795 Generic app name 2017-07-01 20:34:12 +01:00
Bob Mottram 7479e08e1c Typo 2017-07-01 20:25:55 +01:00
Bob Mottram b42080788a Document logging interface 2017-07-01 20:24:04 +01:00
Bob Mottram 21822c6e75 Populate logging functions 2017-07-01 20:20:57 +01:00
Bob Mottram b060a56dbf Placeholder functions for turning logging on or off 2017-07-01 19:14:28 +01:00
Bob Mottram d02236c1eb Install any missing node packages 2017-07-01 15:23:23 +01:00
Bob Mottram 34f9eb9aff Try to fix any stig failures 2017-07-01 12:14:56 +01:00
Bob Mottram fab34e5f7e Headings 2017-07-01 11:18:49 +01:00
Bob Mottram 2a059459e3 Headings 2017-07-01 11:17:24 +01:00
Bob Mottram 7999bceb88 Headings 2017-07-01 11:15:54 +01:00
Bob Mottram 42e04dacc7 Wording 2017-06-30 22:07:01 +01:00
Bob Mottram 46db3d583b Wording 2017-06-30 22:05:24 +01:00
Bob Mottram 29c557c64a More concise 2017-06-30 22:01:33 +01:00
Bob Mottram 75bbef16b1 Heading 2017-06-30 21:55:45 +01:00
Bob Mottram c2a366c019 Update website 2017-06-30 21:43:32 +01:00
Bob Mottram a6fc8408a0 Stray image removed 2017-06-30 21:42:51 +01:00
Bob Mottram fa3bcfee35 Version 3 image 2017-06-30 21:42:14 +01:00
Bob Mottram 4025fa80cf Release notes 2017-06-30 21:01:32 +01:00
Bob Mottram d855ff6942 Create warning emails from daily tests 2017-06-30 16:00:08 +01:00
Bob Mottram 9aebefe0aa Deprecate mirrors 2017-06-29 18:09:31 +01:00
Bob Mottram 28381df8f5 Ensure privilege separation exists 2017-06-29 13:47:22 +01:00
Bob Mottram 9ffb2b235f Changing ssh server config 2017-06-29 13:42:49 +01:00
Bob Mottram bbae177910 More ssh server settings 2017-06-29 13:35:53 +01:00
Bob Mottram 5f8faa36e2 Additional stig test descriptions 2017-06-29 13:04:34 +01:00
Bob Mottram baf5d90770 Additional ssh stig tests 2017-06-29 11:29:17 +01:00
Bob Mottram cab5ffcefd Back to mysql 2017-06-28 16:25:14 +01:00
Bob Mottram 04e18d65c7 quiet 2017-06-28 13:52:14 +01:00
Bob Mottram d235c8dbe4 quiet 2017-06-28 13:35:34 +01:00
Bob Mottram c5a9c6707d Stretch version 2017-06-28 11:54:24 +01:00
Bob Mottram ca7e2ef2b6 About title 2017-06-28 11:52:08 +01:00
Bob Mottram 604a1f9072 Position 2017-06-27 19:58:39 +01:00
Bob Mottram 796ae94c45 mariadb password dialog 2017-06-27 19:57:21 +01:00
Bob Mottram 43f737cffa Select mariadb password 2017-06-27 19:55:37 +01:00
Bob Mottram 4b6f4f4bfd Dialog height 2017-06-27 19:53:24 +01:00
Bob Mottram 43a8493038 Show database password 2017-06-27 19:51:44 +01:00
Bob Mottram cc7f493e56 Bump searx commit 2017-06-27 15:37:34 +01:00
Bob Mottram 995a470067 Change onion address for site 2017-06-27 13:17:39 +01:00
Bob Mottram 8e561667c1 Try lvm 2017-06-27 12:33:43 +01:00
Bob Mottram e634287f32 Avoid nfs altogether 2017-06-27 10:32:46 +01:00
Bob Mottram 33b7625b77 Variable not used 2017-06-26 21:37:29 +01:00
Bob Mottram 8c1769284e Move predictable network device setup to first boot on mesh 2017-06-26 21:25:51 +01:00
Bob Mottram a79d279ebf Remove nfs if it somehow gets installed 2017-06-26 17:47:53 +01:00
Bob Mottram 232de527f6 Remove nfs if it exists 2017-06-26 17:17:01 +01:00
Bob Mottram 4a8144e335 Test is not relevant because systemd is being used 2017-06-26 15:26:25 +01:00
Bob Mottram 5881b038c7 Print the last ssh log time 2017-06-26 15:19:46 +01:00
Bob Mottram 2a66fae204 Fix stray permissions 2017-06-26 15:01:22 +01:00
Bob Mottram ec48658600 Fix debian key tests 2017-06-26 14:05:17 +01:00
Bob Mottram 902db81036 Update key checks 2017-06-26 13:51:32 +01:00
Bob Mottram a3455877ca proc filesystem 2017-06-26 13:32:17 +01:00
Bob Mottram f12dbcce87 server becomes pool 2017-06-26 13:19:39 +01:00
Bob Mottram 2763247509 Disable host based ssh authentication 2017-06-26 13:13:39 +01:00
Bob Mottram a1f962b992 No empty ssh passowords 2017-06-26 13:08:16 +01:00
Bob Mottram 4eeee4415a Ignore rhosts 2017-06-26 13:06:06 +01:00
Bob Mottram a2e1db68e1 Update ca certs after restore 2017-06-26 13:00:28 +01:00
Bob Mottram bcc5e80d21 Refresh blocklist firewall after restore 2017-06-26 12:18:29 +01:00
Bob Mottram dbce6a1a18 Check before adding firewall rules to avoid duplicates 2017-06-26 11:58:33 +01:00
Bob Mottram d742ea58f8 Don't restore completion file
This could cause problems with upgrades
2017-06-26 11:27:37 +01:00
Bob Mottram 06e4db6145 Remove comments 2017-06-26 11:12:12 +01:00
Bob Mottram 7a222289d0 Backup and restore blocklist 2017-06-26 11:08:38 +01:00
Bob Mottram 7daf077ee1 Stretch 2017-06-25 23:29:21 +01:00
Bob Mottram 7268ee624b Stretch 2017-06-25 23:24:17 +01:00
Bob Mottram 30f95a6576 Deprecate radicale 2017-06-25 21:58:21 +01:00
Bob Mottram 334c9131f1 Nextcloud 12 2017-06-25 21:04:17 +01:00
Bob Mottram e279bce875 Set database password on movim restore 2017-06-25 20:50:07 +01:00
Bob Mottram 86d1c1a7d3 Set database password on koel restore 2017-06-25 20:44:00 +01:00
Bob Mottram 50c64e26ba Set database password on hubzilla restore 2017-06-25 20:39:44 +01:00
Bob Mottram f863c21860 Set database password on gogs restore 2017-06-25 20:37:25 +01:00
Bob Mottram 3fc4f40cd2 Clear password 2017-06-25 20:32:54 +01:00
Bob Mottram c1cf74c0d4 Set database password on friendica restore 2017-06-25 20:31:47 +01:00
Bob Mottram 309479ee1c Set database password on etherpad restore 2017-06-25 20:28:59 +01:00
Bob Mottram d609774def Date 2017-06-25 19:06:33 +01:00
Bob Mottram b4b50ffc7d Set mariadb password for rss restore 2017-06-25 18:56:03 +01:00
Bob Mottram c6bef7a77b Ghost hash 2017-06-25 18:15:01 +01:00
Bob Mottram f7a1fbbdd5 Ghost version 2017-06-25 18:12:24 +01:00
Bob Mottram 8f80033313 Ghost restore database password 2017-06-25 17:35:16 +01:00
Bob Mottram f99ed7f79f Free variable after use 2017-06-25 17:30:50 +01:00
Bob Mottram e14f250be2 updates after restoring GS/pA 2017-06-25 17:29:10 +01:00
Bob Mottram e973bce5e0 Return of the database password 2017-06-25 15:15:15 +01:00
Bob Mottram ad5957d796 Fixing mariadb brokenness 2017-06-25 15:02:18 +01:00
Bob Mottram 92b9828bf6 Improve the fixing of mariadb authentication 2017-06-25 13:51:51 +01:00
Bob Mottram f04afc2a39 Remove restore directory if it exists 2017-06-25 13:17:30 +01:00
Bob Mottram e18eb98ded Any key after restore fails 2017-06-25 13:07:40 +01:00
Bob Mottram 4945db5817 Improve remote restore of mariadb 2017-06-25 11:07:13 +01:00
Bob Mottram 604a1929ba Improve restore of mariadb 2017-06-25 11:02:47 +01:00
Bob Mottram 45be6e2915 Tidying 2017-06-25 10:06:24 +01:00
Bob Mottram de8e808e99 Another batch 2017-06-24 21:08:40 +01:00
Bob Mottram 120c2649c0 More echoes 2017-06-24 21:00:56 +01:00
Bob Mottram ca17c23fea Try batch 2017-06-24 20:57:55 +01:00
Bob Mottram b75b6aafe1 More permissions setting before gpg user commands 2017-06-24 19:04:37 +01:00
Bob Mottram 98d4179784 Ensure permissions before gpg key deletion 2017-06-24 19:00:42 +01:00
Bob Mottram c85ddcb63d Email install sequence 2017-06-24 18:48:33 +01:00
Bob Mottram e4304ced42 Update muttrc after key reconstruction 2017-06-24 18:39:13 +01:00
Bob Mottram 7c2df014a2 Change muttrc to use imported gpg key ID 2017-06-24 18:29:56 +01:00
Bob Mottram 5f0aba7db3 Restore gpg keys separately
This enables the system to be upgraded without overwriting gpg2 config with gpg1
2017-06-24 18:09:39 +01:00
Bob Mottram a5a89f34c7 Fix database name 2017-06-24 15:27:24 +01:00
Bob Mottram e3618921c4 Fix database name 2017-06-24 15:26:13 +01:00
Bob Mottram 8c947cd18d Tidying 2017-06-24 14:16:59 +01:00
Bob Mottram e77cb551ea Tidying 2017-06-24 12:18:48 +01:00
Bob Mottram b91c85eaa2 Don't need package installs 2017-06-24 11:23:02 +01:00
Bob Mottram 1a2e301c0b Make gpg key reconstruction optionally interactive 2017-06-24 11:14:01 +01:00
Bob Mottram e4ab5fe54e gpg functions 2017-06-24 11:07:04 +01:00
Bob Mottram d0c6e0f573 Extra options during gpg key deletion 2017-06-23 23:56:14 +01:00
Bob Mottram 53282fff51 Deletion order 2017-06-23 23:44:05 +01:00
Bob Mottram 08ca1e149a Improve the master key import 2017-06-23 23:39:16 +01:00
Bob Mottram dc436a7687 Tidying 2017-06-23 22:27:42 +01:00
Bob Mottram d321d9f18f No need to read usb drive 2017-06-23 22:14:24 +01:00
Bob Mottram 408eb08222 letsencrypt permissions 2017-06-23 21:33:07 +01:00
Bob Mottram 548b5fc8b9 Alternative drive option 2017-06-23 20:36:09 +01:00
Bob Mottram ff48df3dab Tidying 2017-06-23 18:44:54 +01:00
Bob Mottram 127d6431b4 Exit from key loading loop 2017-06-23 18:42:55 +01:00
Bob Mottram c1bd5c9691 Check for backup key file 2017-06-23 18:39:20 +01:00
Bob Mottram b5f6a554f3 Importing from keydrive 2017-06-23 18:34:53 +01:00
Bob Mottram 6f54f4b515 Export backup key with password 2017-06-23 18:18:08 +01:00
Bob Mottram 22e6e4ae62 Use homedir for gpg export and import 2017-06-23 17:59:15 +01:00
Bob Mottram 839e129c5f Exporting backup key to keydrive 2017-06-23 17:01:55 +01:00
Bob Mottram 5831b29fb5 usb drive option to keydrive can include path 2017-06-23 15:55:07 +01:00
Bob Mottram 4c62933e5d Include sda when detecting usb drive 2017-06-23 15:49:46 +01:00
Bob Mottram 3ee2b0e2ed Detect usb drive when creating keydrive 2017-06-23 15:48:20 +01:00
Bob Mottram 9ec93fff3a Master keydrive exports keys to file 2017-06-23 15:17:49 +01:00
Bob Mottram 0dffadd4d1 Error if password can't be encrypted 2017-06-23 11:30:48 +01:00
Bob Mottram 2a5038d209 Permissions on root gpg keyring 2017-06-23 11:12:28 +01:00
Bob Mottram 4305bb71d1 Test the password system 2017-06-23 11:06:09 +01:00
Bob Mottram c5b469253c Error if getting mariadb password fails 2017-06-23 10:58:59 +01:00
Bob Mottram 76b24ec257 Create addremove script 2017-06-23 10:53:25 +01:00
Bob Mottram 19897c5eb0 Make control scripts executable 2017-06-23 10:44:25 +01:00
Bob Mottram 12b37ac9dd Modify 2017-06-23 10:39:44 +01:00
Bob Mottram 8c20b15f6f Experimental control scripts 2017-06-23 10:35:58 +01:00
Bob Mottram 6932df7fdb Setting static ip address 2017-06-22 21:17:35 +01:00
Bob Mottram 34003a4de8 Transition to network manager interfaces directory 2017-06-22 20:28:01 +01:00
Bob Mottram 9d4858c07e Use resolvconf for dns resolution 2017-06-22 17:52:52 +01:00
Bob Mottram 6b74243de2 Revert nodejs versions, otherwise ghost won't install 2017-06-22 17:41:23 +01:00
Bob Mottram 936458b182 Note about ghost node version 2017-06-22 17:35:24 +01:00
Bob Mottram 013749c554 vars path 2017-06-22 14:37:48 +01:00
Bob Mottram 21fad3e5d2 Avahi uses local name 2017-06-22 14:18:15 +01:00
Bob Mottram 2b7effda12 No exit 2017-06-22 12:55:32 +01:00
Bob Mottram ea76d35b75 Document setting the local name for an image 2017-06-22 12:38:03 +01:00
Bob Mottram a43e7b888e Can specify local name when creating images 2017-06-22 12:34:07 +01:00
Bob Mottram 5b5bc5cff6 Local name, same as the project name 2017-06-22 11:55:28 +01:00
Bob Mottram c6262e7e3e freedns updater improvements 2017-06-21 22:45:38 +01:00
Bob Mottram c3895f3fb5 Itterate through freedns codes 2017-06-21 22:11:37 +01:00
Bob Mottram cfae58f30f Verbose option for freedns 2017-06-21 22:01:15 +01:00
Bob Mottram bf025a037b Only download ghost if needed 2017-06-21 21:26:47 +01:00
Bob Mottram 288e1d00f2 Capital 2017-06-21 21:18:30 +01:00
Bob Mottram b4924c36f8 Add ssl group 2017-06-21 21:16:19 +01:00
Bob Mottram 5fe06e923f Separate grub update 2017-06-21 20:59:33 +01:00
Bob Mottram 30dd79a83c Just check for gnupg directory 2017-06-21 20:48:35 +01:00
Bob Mottram 2798401e2f Mark gpg keys as having been imported 2017-06-21 20:36:49 +01:00
Bob Mottram 3dcd54cc6c Additional messages when creating gpg key 2017-06-21 20:24:11 +01:00
Bob Mottram 4c19fb89ba Stick with initial dovecot self-signed cert
This avoids possible letsencrypt initial install problems
2017-06-21 20:12:01 +01:00
Bob Mottram 74bd83ca08 Only do grub setup on first boot 2017-06-21 17:09:30 +01:00
Bob Mottram 35c6a6f9e2 Matrix not available on onion only installs 2017-06-20 20:42:13 +01:00
Bob Mottram 1dedb0cec9 Get onion only state 2017-06-20 15:53:42 +01:00
Bob Mottram d076d70f88 riot with onion address 2017-06-20 15:52:40 +01:00
Bob Mottram baa523aa21 mb 2017-06-20 15:07:34 +01:00
Bob Mottram c0f118250e Switch to MB so that RAM requirements can be more granular 2017-06-20 15:01:40 +01:00
Bob Mottram f4329a1b88 whole numbers 2017-06-20 14:57:44 +01:00
Bob Mottram 73c1cc1d67 Sleep longer on low power hardware 2017-06-20 14:49:03 +01:00
Bob Mottram 108f98b6da Check RAM availability before install of matrix 2017-06-20 14:09:42 +01:00
Bob Mottram 5b9132c7ab libssl version 2017-06-20 13:40:08 +01:00
Bob Mottram 9d2ef3fccc libssl version 2017-06-20 13:33:30 +01:00
Bob Mottram 6c302f075b If we are about to reboot anyway then don't bother restarting daemons 2017-06-20 13:24:18 +01:00
Bob Mottram c49e53eaee Set kernel options within grub 2017-06-20 11:00:06 +01:00
Bob Mottram d86e29088a Enable kernel slab poisoning 2017-06-20 10:49:08 +01:00
Bob Mottram f4294e0c22 resolv.conf path 2017-06-19 21:09:54 +01:00
Bob Mottram 7f80caf119 Tidying 2017-06-19 20:34:37 +01:00
Bob Mottram e5da5f89cf Don't read from file when creating hotspot 2017-06-19 19:42:18 +01:00
Bob Mottram 9017806ec2 Check return status when enabling hotspot 2017-06-19 18:54:05 +01:00
Bob Mottram 47bb733b54 Check return status when enabling hotspot 2017-06-19 18:51:03 +01:00
Bob Mottram 9f1fcdf1fa wifi interface path 2017-06-19 18:41:03 +01:00
Bob Mottram 0789dc350b wifi up commands 2017-06-19 18:34:50 +01:00
Bob Mottram 04b7671b91 wpa_supplicant interface 2017-06-19 18:12:05 +01:00
Bob Mottram 3b4f1ac3d9 A better way of having predictable device names 2017-06-19 15:36:16 +01:00
Bob Mottram 47f32c0583 systemd method of shutting down 2017-06-19 15:27:21 +01:00
Bob Mottram 2733e46d67 Predictable device names 2017-06-19 14:48:51 +01:00
Bob Mottram 89d05deae7 Don't preinstall repos on mesh variant 2017-06-19 12:03:01 +01:00
Bob Mottram cacb9770a7 https transport for mesh installs 2017-06-19 11:20:26 +01:00
Bob Mottram 7d15f0a330 Debian 9 2017-06-19 11:15:14 +01:00
Bob Mottram 7438e6ffc3 Use kernel sandbox for ssh 2017-06-19 10:57:54 +01:00
Bob Mottram 582cbe99d9 Use debian ffmpeg package 2017-06-19 10:32:34 +01:00
Bob Mottram 57467f450a More package changes 2017-06-18 22:53:25 +01:00
Bob Mottram ef502719b1 mesh package changes 2017-06-18 22:41:47 +01:00
Bob Mottram 7dbae43f3b Warn about rethinkdb not supporting arm 2017-06-18 21:06:12 +01:00
Bob Mottram 4917240779 Typo 2017-06-18 20:46:51 +01:00
Bob Mottram 2ced68db33 Home directory 2017-06-18 20:22:08 +01:00
Bob Mottram 5b0afb0c15 Directory ownership 2017-06-18 20:18:15 +01:00
Bob Mottram 78486a0860 More qvitter consistent colour theme 2017-06-18 19:03:11 +01:00
Bob Mottram 2ba749d76d Consistent postactiv colour theme 2017-06-18 19:00:12 +01:00
Bob Mottram 5a41cc680c Vertical logo position 2017-06-18 18:54:55 +01:00
Bob Mottram 2dbf2b0352 Smaller logo 2017-06-18 18:51:31 +01:00
Bob Mottram eb1a820bc1 postactiv logo on qvitter 2017-06-18 18:42:37 +01:00
Bob Mottram 63b72d9657 fbone logo for qvitter 2017-06-18 18:23:22 +01:00
Bob Mottram 5fce4f76c6 postactiv commit 2017-06-18 17:12:37 +01:00
Bob Mottram 98e90d34ae Use a modified version of qvitter to display profile icons 2017-06-18 16:21:54 +01:00
Bob Mottram b474b307eb Sharings theme plugin update 2017-06-18 15:12:09 +01:00
Bob Mottram 41ec0bb918 Sharings plugin update 2017-06-18 15:11:30 +01:00
Bob Mottram 7c32e02d47 Don't remove tor log
It causes tor to fail
2017-06-18 15:04:52 +01:00
Bob Mottram e5db89ecb6 Since repos are included in the image, deprecate mirrors 2017-06-18 13:56:03 +01:00
Bob Mottram 9ce9d5dae4 Only if custom image is present 2017-06-18 13:35:24 +01:00
Bob Mottram d724d433fc Ensure that GS/pA background is set 2017-06-18 13:26:49 +01:00
Bob Mottram a1939bb4cd Abstract out the markdown plugin 2017-06-18 13:19:55 +01:00
Bob Mottram 955142b382 Abstract out the sharings plugin 2017-06-18 12:59:56 +01:00
Bob Mottram d44b579839 No armadillo 2017-06-18 12:23:42 +01:00
Bob Mottram 503a2899ad Don't include commits 2017-06-18 12:13:47 +01:00
Bob Mottram 295f132cd8 Extra php package 2017-06-18 10:59:12 +01:00
Bob Mottram de9e9e77c5 Check for composer failure 2017-06-18 10:22:48 +01:00
Bob Mottram d8da20da02 bump toxcore commit 2017-06-17 19:37:51 +01:00
Bob Mottram 2ac43eabb2 Copying with hidden files 2017-06-17 18:37:06 +01:00
Bob Mottram 81a78f5b92 Don't list selected apps 2017-06-17 18:11:42 +01:00
Bob Mottram d18a650483 Tox repos 2017-06-17 15:58:45 +01:00
Bob Mottram 163e2188c7 Missing fi 2017-06-17 15:20:43 +01:00
Bob Mottram 01e8e2dee0 Restore tox repos 2017-06-17 14:16:32 +01:00
Bob Mottram 81e06abc20 Some filesystem optimisations for btrfs 2017-06-17 12:26:00 +01:00
Bob Mottram dfb24fdba0 Update libsodium package 2017-06-17 11:34:10 +01:00
Bob Mottram edf42c6123 Social instance installs 2017-06-16 21:29:51 +01:00
Bob Mottram a1a448088d ext4 defragmentation 2017-06-16 19:55:04 +01:00
Bob Mottram 73eb2d8146 Don't mirror cmake 2017-06-16 16:37:58 +01:00
Bob Mottram 93f3cefcfd Less verbose when choosing apps 2017-06-16 16:13:38 +01:00
Bob Mottram 301c293ced systemd reboot 2017-06-16 16:01:43 +01:00
Bob Mottram 3b12b0d13b Comment on what architecture was detected 2017-06-16 15:46:51 +01:00
Bob Mottram 9097354a78 Replace shred when toggling logging 2017-06-16 15:43:42 +01:00
Bob Mottram ba1b541e3f Beginning of social instance builds 2017-06-16 15:39:48 +01:00
Bob Mottram 39628a200d Preinstall dovecot into images 2017-06-16 10:29:02 +01:00
Bob Mottram 1c16dbfe85 Use qvitter as the default UI 2017-06-16 10:09:05 +01:00
Bob Mottram b3ffaeb8f1 Bump pleroma commit 2017-06-15 23:21:46 +01:00
Bob Mottram 86370db1d5 Fix nodejs image install 2017-06-15 23:13:17 +01:00
Bob Mottram eaa53b3bed Change nodejs installation within image 2017-06-15 21:55:42 +01:00
Bob Mottram 7c029463c4 Getting nodejs repo gpg key 2017-06-15 20:31:09 +01:00
Bob Mottram bf892728c0 Try without tox repos 2017-06-15 14:03:58 +01:00
Bob Mottram c3812ffd87 More repos included within image 2017-06-15 12:53:24 +01:00
Bob Mottram e65779aa0b Include extra repos 2017-06-15 12:43:52 +01:00
Bob Mottram 67230ecaca Include repos within the image 2017-06-15 12:33:16 +01:00
Bob Mottram 8176d6a49b More waits 2017-06-14 22:28:52 +01:00
Bob Mottram aa2d8b0cd8 readme not used 2017-06-14 21:57:45 +01:00
Bob Mottram d20fb4b49a Show gpg batch files 2017-06-14 21:36:56 +01:00
Bob Mottram 08f2bd6c6a Cursor on left 2017-06-14 21:31:03 +01:00
Bob Mottram d9706b3417 Append 2017-06-14 21:27:05 +01:00
Bob Mottram a6dd4961b1 Extra politeness on install 2017-06-14 21:25:25 +01:00
Bob Mottram 1286c030b0 gpg batch parameters for curve 25519 2017-06-14 21:11:37 +01:00
Bob Mottram 4b9f281007 Some additional clears 2017-06-14 20:37:07 +01:00
Bob Mottram 3cf283dbe4 Key lengths same as letsencrypt 2017-06-14 18:14:39 +01:00
Bob Mottram 99bb2ced9d Tidying 2017-06-14 16:52:18 +01:00
Bob Mottram 4d22402f44 install email packages into images 2017-06-14 16:38:42 +01:00
Bob Mottram e7a0947920 Comment no longer relevent 2017-06-14 16:13:24 +01:00
Bob Mottram 4d8592f7ab Use curve 25519 for gpg keys 2017-06-14 16:03:19 +01:00
Bob Mottram 402b459eed Key splitting permissions 2017-06-14 15:19:18 +01:00
Bob Mottram 6830c8335d Permissions on the gragments directory 2017-06-14 14:59:43 +01:00
Bob Mottram 0641d290c6 ssh crypto settings from bettercrypto.org 2017-06-14 14:00:21 +01:00
Bob Mottram 14307ee7e7 Return to tor debian package 2017-06-14 11:52:05 +01:00
Bob Mottram 68d73d5057 Try without flags 2017-06-14 11:16:33 +01:00
Bob Mottram 641a576e24 Apache2 2017-06-14 10:50:46 +01:00
Bob Mottram a6cbf0dc65 Change location of resolv.conf 2017-06-14 10:48:41 +01:00
Bob Mottram 5fdaabdaf4 Settinsg syncthing permissions 2017-06-13 22:29:08 +01:00
Bob Mottram ca6420f123 Check for syncthing id files in user directories 2017-06-13 22:19:54 +01:00
Bob Mottram b5a32cf391 Some extra echos 2017-06-12 23:23:32 +01:00
Bob Mottram e7aa66dc92 Not verbose 2017-06-12 23:03:41 +01:00
Bob Mottram 18c7ca866a Improve upgrades
So that commit changes are checked
2017-06-12 22:59:25 +01:00
Bob Mottram 8809a82ea2 Upgrading gnusocial 2017-06-12 22:40:33 +01:00
Bob Mottram 5e92fa6bea defrag after upgrade 2017-06-12 14:02:19 +01:00
Bob Mottram f8aefec776 Additional python packages for searx 2017-06-12 13:27:35 +01:00
Bob Mottram c17a68139b Only purge the main apache package 2017-06-12 13:17:55 +01:00
Bob Mottram ac1bf02e4f Missing package 2017-06-12 13:04:59 +01:00
Bob Mottram 0d5bc8900a Different user deletion commands 2017-06-12 11:33:54 +01:00
Bob Mottram da7380356b Try to avoid filesystem errors when removing apps 2017-06-12 11:19:43 +01:00
Bob Mottram c437b22f2c Remove space 2017-06-12 10:26:42 +01:00
Bob Mottram 9bcf1e6a29 Return to basic wait screen 2017-06-11 22:23:44 +01:00
Bob Mottram 376903c260 Spinner position 2017-06-11 22:21:01 +01:00
Bob Mottram c1f9920cb3 Show spinner 2017-06-11 22:19:15 +01:00
Bob Mottram fccc78c627 Different way of doing progress bars 2017-06-11 22:10:12 +01:00
Bob Mottram 2f58ceebf6 Try calling function for source 2017-06-11 20:57:12 +01:00
Bob Mottram 0d1fa4e13e Two progress bars 2017-06-11 20:52:53 +01:00
Bob Mottram 8f17ca8b53 Avoid flicker 2017-06-11 20:48:50 +01:00
Bob Mottram 617e8f940d Wait bar 2017-06-11 20:31:52 +01:00
Bob Mottram 3b1cc15f4e Remove any previous onion addresses 2017-06-11 20:09:28 +01:00
Bob Mottram 9e03077219 Move sync 2017-06-11 20:00:11 +01:00
Bob Mottram 1208d8f860 Try sync 2017-06-11 19:41:15 +01:00
Bob Mottram 0e86c3f541 Waiting for onions 2017-06-11 18:49:54 +01:00
Bob Mottram 222601c2b6 Third time lucky 2017-06-11 18:20:08 +01:00
Bob Mottram da5504ad59 Return to restart 2017-06-11 18:17:26 +01:00
Bob Mottram fbf57a4349 Return to reload 2017-06-11 17:41:22 +01:00
Bob Mottram 2e41de3d91 Keep track of rss mobile onion domain 2017-06-11 17:11:10 +01:00
Bob Mottram 2830c5fc16 Remove mobile onion site separately 2017-06-11 15:17:18 +01:00
Bob Mottram d9a5c3abde Placeholder functions 2017-06-11 14:59:04 +01:00
Bob Mottram 72427aa73e list 2017-06-11 14:52:46 +01:00
Bob Mottram 304963caca Hidden service path 2017-06-11 14:23:24 +01:00
Bob Mottram da059f8368 More directly check for onion service 2017-06-11 13:53:01 +01:00
Bob Mottram ba69e9fe10 Return values 2017-06-11 13:09:12 +01:00
Bob Mottram 5a04d56267 Try without echo 2017-06-11 13:02:26 +01:00
Bob Mottram 247a2ac0f8 More info on onion failures 2017-06-11 12:46:43 +01:00
Bob Mottram 8241153b29 Quotes 2017-06-11 12:19:40 +01:00
Bob Mottram f9a98d2d07 Check that onion sites are created 2017-06-11 11:54:24 +01:00
Bob Mottram 0b8ac4f4d1 Keep database running during backup and restore 2017-06-11 10:56:46 +01:00
Bob Mottram 32a0727ba4 Clear after standby 2017-06-11 10:44:56 +01:00
Bob Mottram a6f960d580 Standby messages 2017-06-11 10:43:35 +01:00
Bob Mottram c01783b518 More keeping mariadb running 2017-06-11 10:40:59 +01:00
Bob Mottram 2bc2c38db6 Test daemon running state the systemd way 2017-06-11 10:22:32 +01:00
Bob Mottram 5cf9fdd93e Try to keep mariadb running 2017-06-11 10:17:45 +01:00
Bob Mottram 88083cc184 Fix watchdog 2017-06-11 10:12:35 +01:00
Bob Mottram 1f1c5d30d1 Try to keep systemd happy 2017-06-10 21:37:50 +01:00
Bob Mottram c24b2e2dcf systemd coddling 2017-06-10 21:22:54 +01:00
Bob Mottram 427f11049a tahoelafs paths 2017-06-10 20:27:23 +01:00
Bob Mottram 5bd77daaf8 Checks when adding users 2017-06-10 18:34:45 +01:00
Bob Mottram c9e1bf34e3 Check that the tahoelafs home directory gets created 2017-06-10 18:28:47 +01:00
Bob Mottram bfd2a37f63 quiet 2017-06-10 16:12:07 +01:00
Bob Mottram aa81bb930e quiet 2017-06-10 16:11:30 +01:00
Bob Mottram c57aec4356 need apache utils for htpasswd 2017-06-10 16:08:01 +01:00
Bob Mottram d9f3dbff03 Remove any existing tahoelafs install 2017-06-10 15:11:22 +01:00
Bob Mottram 822fd47d32 Users and groups 2017-06-10 14:57:42 +01:00
Bob Mottram cd54f26f84 Reboot now uses systemd 2017-06-10 14:26:52 +01:00
Bob Mottram 46aebc3edd Tidying 2017-06-10 14:13:43 +01:00
Bob Mottram 433f3596d5 tahoelafs tor handler 2017-06-10 13:17:25 +01:00
Bob Mottram 7685366ca2 Move tahoelafs to using debian package 2017-06-10 13:00:01 +01:00
Bob Mottram e543d160fa tahoelafs directory 2017-06-10 12:08:06 +01:00
Bob Mottram b550080965 Additional packages 2017-06-09 20:14:58 +01:00
Bob Mottram 788510972c docuwiki configuration 2017-06-09 18:02:59 +01:00
Bob Mottram ba899d6ac7 users file location 2017-06-09 16:18:31 +01:00
Bob Mottram 30cab4d59f Install dokuwiki from repo
Since it isn't packaged for debian stretch
2017-06-09 15:10:10 +01:00
Bob Mottram 81a75baac2 Try different nodejs versions 2017-06-08 21:32:22 +01:00
Bob Mottram 46e6e13792 Try different nodejs versions 2017-06-08 21:31:03 +01:00
Bob Mottram aa305cf088 Don't install yarn 2017-06-08 18:54:48 +01:00
Bob Mottram 63c02d7f20 More checks for failures 2017-06-08 17:18:50 +01:00
Bob Mottram acdb930a07 Install bower again 2017-06-08 12:23:52 +01:00
Bob Mottram 518d563b7a Remove scuttlebot from documentation 2017-06-08 11:29:47 +01:00
Bob Mottram 6bb05c99c7 Rename branch 2017-06-08 11:12:05 +01:00
Bob Mottram 0ee038545f Stick with jessie 2017-06-08 10:57:57 +01:00
Bob Mottram 16350b4c36 Don't show local addresses when in onion only 2017-06-08 10:48:46 +01:00
Bob Mottram c833eecb79 Cursor vertical position 2017-06-07 20:25:44 +01:00
Bob Mottram 153d4d146b Cursor position during wait 2017-06-07 20:24:33 +01:00
Bob Mottram b53c1a31cb Cursor position during wait 2017-06-07 20:19:52 +01:00
Bob Mottram 6ba589afba Hubzilla failure message 2017-06-07 20:17:28 +01:00
Bob Mottram 96b4ad2f36 Etherpad needs quite a lot of RAM 2017-06-07 19:36:11 +01:00
Bob Mottram ce466d8c94 Restoring mutt 2017-06-07 17:17:55 +01:00
Bob Mottram e7e2f71c75 Deprecate scuttlebot
It uses too much cpu
2017-06-07 17:03:23 +01:00
Bob Mottram 59616e4dbc Restart mariadb after installations 2017-06-06 14:26:57 +01:00
Bob Mottram 237ac847d6 Restart mariadb at end of ghost install 2017-06-06 13:38:37 +01:00
Bob Mottram 2ac25c167b More ghost dependencies 2017-06-06 13:24:57 +01:00
Bob Mottram 7e16a88f7e Install a node package globally 2017-06-06 12:19:05 +01:00
Bob Mottram 6da57dbeaf The usual oddness with npm installation 2017-06-06 11:31:25 +01:00
Bob Mottram 5d61b29d95 Always try to uninstall nodejs before installing it 2017-06-06 11:00:02 +01:00
Bob Mottram a5fe0462de Don't use mysqladmin 2017-06-05 22:27:30 +01:00
Bob Mottram 542515be7d Clear plugin on mariadb users 2017-06-05 21:48:27 +01:00
Bob Mottram 6daa9664f1 mariadb root user 2017-06-05 21:34:20 +01:00
Bob Mottram 45df6aad24 Set mariadb password 2017-06-05 21:14:17 +01:00
Bob Mottram 346e85f4b9 Running query as root user 2017-06-05 20:26:35 +01:00
Bob Mottram e1b8af8664 Typo 2017-06-05 20:19:31 +01:00
Bob Mottram 3f02251630 Message not needed 2017-06-05 20:00:39 +01:00
Bob Mottram 84f33bc946 please wait sign 2017-06-05 19:59:04 +01:00
Bob Mottram ad523641af Allow mariadb logins separate from the OS 2017-06-05 19:27:42 +01:00
Bob Mottram ec41237695 mariadb service 2017-06-05 19:20:08 +01:00
Bob Mottram a19e7aa143 Reinstalling the database 2017-06-05 15:43:39 +01:00
Bob Mottram d6771dcbaa Always store the mariadb password 2017-06-05 15:39:11 +01:00
Bob Mottram 0e4ec45c74 mariadb rather than mysql 2017-06-05 14:55:39 +01:00
Bob Mottram 9b2bbf2903 include mariadb-client 2017-06-05 14:52:47 +01:00
Bob Mottram dc9ea6ee6b Fixing mariadb 2017-06-05 14:42:24 +01:00
Bob Mottram 4992cbe18e ghost permissions 2017-06-04 23:37:41 +01:00
Bob Mottram 07adddaf1f Install ghost packages 2017-06-04 21:13:57 +01:00
Bob Mottram 8ac55a346e Set nodejs version 2017-06-04 18:50:20 +01:00
Bob Mottram 2b9c6c3fa3 Fixing npm hell 2017-06-04 18:35:55 +01:00
Bob Mottram 01679feef4 More removals 2017-06-04 17:28:47 +01:00
Bob Mottram 2d2e7360c0 Remove nodejs install if it exists 2017-06-04 16:06:00 +01:00
Bob Mottram f4137c28d1 Extra npm checks 2017-06-04 15:38:50 +01:00
Bob Mottram 3257c8658f Remove old npm directory 2017-06-04 14:58:37 +01:00
Bob Mottram ff52a2f214 Remove old npm directory 2017-06-04 14:56:49 +01:00
Bob Mottram 4a67b64d35 Change node installation 2017-06-04 14:06:06 +01:00
Bob Mottram 86d5e5d696 An actually working nodejs debian package
Needs the jessie repo
2017-06-04 12:46:32 +01:00
Bob Mottram f78f19ca72 Add onion address to trusted domains for nextcloud 2017-06-04 10:40:42 +01:00
Bob Mottram b9cac5dcbf Check that data directory gets created 2017-06-04 10:17:52 +01:00
Bob Mottram 8803eb6e5f Missing slash 2017-06-04 10:09:00 +01:00
Bob Mottram 581cb74e71 Excess memcached 2017-06-04 09:56:08 +01:00
Bob Mottram 49c89febf1 Nextcloud needs zip 2017-06-04 09:52:58 +01:00
Bob Mottram c1ec8d9c36 Install memcached for GS/pA 2017-06-04 09:42:16 +01:00
Bob Mottram b7edffc521 php socket path 2017-06-03 20:20:04 +01:00
Bob Mottram db94320f94 Stopping daemons 2017-06-03 19:58:09 +01:00
Bob Mottram 7c7bb6a28c Tor logging 2017-06-03 19:51:18 +01:00
Bob Mottram 6e2668ab1c Upstream tor package 2017-06-03 19:21:50 +01:00
Bob Mottram 109d6bf848 Restrict tor traffic 2017-06-03 19:10:04 +01:00
Bob Mottram 5e76d9bc68 Use upstream tor package 2017-06-03 19:04:46 +01:00
Bob Mottram f6b0037c29 Stop daemons from root 2017-06-03 17:49:23 +01:00
Bob Mottram e747a001cc Extra package 2017-06-03 17:42:22 +01:00
Bob Mottram 00fa4ac4d3 php socket 2017-06-03 17:20:35 +01:00
Bob Mottram 5ba649d8dd Add mariadb socket 2017-06-03 16:49:31 +01:00
Bob Mottram ea5593208f Obsolete package removed 2017-06-03 16:22:51 +01:00
Bob Mottram 07594a124e Remove obsolete mutt options 2017-06-03 16:05:59 +01:00
Bob Mottram 45c3c6be3e Optional password file when splitting gpg key 2017-06-03 15:42:57 +01:00
Bob Mottram 75b0eb4291 gpg stuff 2017-06-03 13:57:24 +01:00
Bob Mottram f495828a2d php directory 2017-06-03 12:43:06 +01:00
Bob Mottram 8e77c68ac0 Fix creation of backup key 2017-06-03 12:20:15 +01:00
Bob Mottram 50d99f06eb Set password when creating backup key 2017-06-02 19:50:30 +01:00
Bob Mottram d4ede9cad6 Watchdog script name 2017-06-02 17:08:30 +01:00
Bob Mottram 90c8dbfd64 Keep the avahi daemon running in the image install 2017-06-02 17:03:41 +01:00
Bob Mottram 0aee39ae8a Fixing gpg backups 2017-06-02 16:24:12 +01:00
Bob Mottram b277b5e570 Check that the initial setup really did complete 2017-06-02 11:53:22 +01:00
Bob Mottram 8ca47c2c30 Looks like tor restart is necessary
This isn't ideal because it means you can't set up the system from an onion address
2017-06-02 11:14:19 +01:00
Bob Mottram a45b090e57 Ensure mdns is active on images 2017-06-02 11:10:47 +01:00
Bob Mottram 04826948f0 Check for files 2017-06-01 21:30:17 +01:00
Bob Mottram b4a038b8c4 Fix ssh configuration 2017-06-01 20:51:19 +01:00
Bob Mottram 9ae115059f gpg IDs 2017-06-01 20:40:11 +01:00
Bob Mottram 8990025c26 Display gpg fingerprint on control panel 2017-06-01 20:27:16 +01:00
Bob Mottram 7f303823ec Convert gpg key ID to v2.x format 2017-06-01 20:16:59 +01:00
Bob Mottram 55e3f4a8ae Avoid passphrase during gpg key generation 2017-06-01 19:30:01 +01:00
Bob Mottram dce82c90df php daemon 2017-06-01 19:05:15 +01:00
Bob Mottram d351d8ee0d Fix dovecot on onion installs 2017-06-01 18:59:57 +01:00
Bob Mottram e3be9cf5e0 Check for ssh onion service 2017-06-01 18:40:52 +01:00
Bob Mottram 9e55fee173 exit not return 2017-06-01 18:15:08 +01:00
Bob Mottram bd7903b4fb Monkeysphere removal 2017-06-01 18:03:31 +01:00
Bob Mottram 8b13d28361 Don't use monkeysphere 2017-06-01 17:59:28 +01:00
Bob Mottram 084bf9583f Double quotes 2017-06-01 17:58:49 +01:00
Bob Mottram f0692f51fe gpg key generation 2017-06-01 17:43:09 +01:00
Bob Mottram bd33b8145c Fix gpg key generation 2017-06-01 17:08:46 +01:00
Bob Mottram d1be62d225 Tor things 2017-06-01 15:15:05 +01:00
Bob Mottram 1163ffd146 Remove old daemon commands 2017-06-01 13:01:37 +01:00
Bob Mottram 03b065c71d Try without the custom beaglebone kernel 2017-06-01 10:47:16 +01:00
Bob Mottram 21b375617d systemd as init system 2017-05-31 22:38:28 +01:00
Bob Mottram 4502ef3331 Separate beaglebone kernel build 2017-05-31 17:30:11 +01:00
Bob Mottram e02268012b Repacking the beaglebone kernel 2017-05-31 10:05:49 +01:00
Bob Mottram a73b4a02ab Function style 2017-05-30 19:17:39 +01:00
Bob Mottram af48fdce9d Tidying! 2017-05-30 17:53:59 +01:00
Bob Mottram e0b4c9d5a3 Don't need packages 2017-05-30 14:15:00 +01:00
Bob Mottram 5b88b980a0 stretch in first stage debootstrap 2017-05-30 13:49:43 +01:00
Bob Mottram dfda824730 utils setup sequence 2017-05-30 13:45:19 +01:00
Bob Mottram 68777f0059 beaglebone uenv parameters 2017-05-30 10:20:12 +01:00
Bob Mottram 911f90b25f Newer freedom-maker hardware setup 2017-05-29 21:04:45 +01:00
Bob Mottram 1d26907f35 Don't flash beaglebone kernel 2017-05-29 19:55:54 +01:00
Bob Mottram 8ba6c594b5 awk package 2017-05-29 19:48:42 +01:00
Bob Mottram f07024be33 Missing npm package 2017-05-29 17:12:14 +01:00
Bob Mottram 03e7fea2c4 Don't use the patched version of mutt 2017-05-29 15:50:34 +01:00
Bob Mottram 4c220de1fe Set local repo clone to stretch
This should be removed after the upgrade
2017-05-29 15:27:21 +01:00
Bob Mottram c961fb02f2 Replacement package 2017-05-29 15:18:50 +01:00
Bob Mottram ea091488b6 No longer need to explicitly use emacs version 2017-05-29 14:46:27 +01:00
Bob Mottram e0f7807396 Workaround shouldn't be needed 2017-05-29 14:44:10 +01:00
Bob Mottram db0c2f1f1b Workaround shouldn't be needed 2017-05-29 14:43:49 +01:00
Bob Mottram 9952ee9ecb Package doesn't exist 2017-05-29 14:42:30 +01:00
Bob Mottram 92edd5dc1f Update php to version 7.0 2017-05-29 14:40:34 +01:00
Bob Mottram d308c83e0a Change distro to stretch 2017-05-29 13:57:39 +01:00
Bob Mottram 54c9a071f9 Bump qvitter commit 2017-05-29 11:45:16 +01:00
Bob Mottram 4cdef3f52a Try to fix pep breakage 2017-05-28 15:18:41 +01:00
Bob Mottram 8791750811 Show permissions errors 2017-05-28 14:57:20 +01:00
Bob Mottram fbc4c53d3a letsencrypt permissions 2017-05-28 14:31:55 +01:00
Bob Mottram 5ba59b687e cryptpad documentation 2017-05-28 11:36:43 +01:00
Bob Mottram cd3d73ac84 Remove unnecessary onion only conditions 2017-05-28 10:46:18 +01:00
Bob Mottram 0de1341a5f sleep while cryptpad daemon starts 2017-05-28 10:43:29 +01:00
Bob Mottram 43d0b6190a Move cryptpad out of the clearnet 2017-05-28 10:34:31 +01:00
Bob Mottram 01ce3b7457 Don't allow cryptpad registrations plus no content security policy
csp causes things to fail
2017-05-27 22:33:15 +01:00
Bob Mottram 08b465af6a Get cryptpad config file 2017-05-27 20:49:13 +01:00
Bob Mottram d28731b4aa cryptpad directory permissions 2017-05-27 19:11:22 +01:00
Bob Mottram 187a86c6bd Only change user permissions if not in onion mode 2017-05-27 19:09:06 +01:00
Bob Mottram e2cb336792 cryptpad user permissions 2017-05-27 19:07:34 +01:00
Bob Mottram 2508d63134 Add powerline 2017-05-27 14:03:52 +01:00
Bob Mottram d55f12d79b Fixing gnusocial conversations 2017-05-27 10:30:58 +01:00
Bob Mottram 9e549cc745 Removing jitsi repo 2017-05-27 10:04:28 +01:00
Bob Mottram b7e0e548b7 cryptpad settings 2017-05-26 22:56:12 +01:00
Bob Mottram 951ec02c52 Full path 2017-05-26 18:12:39 +01:00
Bob Mottram 9ad05b9515 http for onion 2017-05-26 17:24:45 +01:00
Bob Mottram 1ace399a60 Change cryptpad commit 2017-05-26 17:09:53 +01:00
Bob Mottram 1e7e023dd2 bower install 2017-05-26 15:26:51 +01:00
Bob Mottram 1e1ed55816 bower version 2017-05-26 15:10:25 +01:00
Bob Mottram f3f218867e Remove any previous directory on install 2017-05-26 14:59:44 +01:00
Bob Mottram 5f5e2810ec cryptpad repo details 2017-05-26 14:53:32 +01:00
Bob Mottram 2ce3937be4 cryptpad app 2017-05-26 14:26:27 +01:00
Bob Mottram 921266cce1 koel upgrades 2017-05-26 10:03:28 +01:00
Bob Mottram eaac55f03a koel domain name 2017-05-25 23:53:59 +01:00
Bob Mottram 2583b4d96e Remove gravatar from koel 2017-05-25 23:52:55 +01:00
Bob Mottram 56e63ac2d7 Link to site 2017-05-25 22:48:11 +01:00
Bob Mottram b757c06edf Document importing music 2017-05-25 22:43:45 +01:00
Bob Mottram 1f8edb31bc Dialog height 2017-05-25 22:12:31 +01:00
Bob Mottram b3d7f5865c Quotes 2017-05-25 22:07:05 +01:00
Bob Mottram 31ffa567d6 Option to format a usb drive to store music 2017-05-25 22:03:31 +01:00
Bob Mottram 0fdbc41739 No username 2017-05-25 21:47:28 +01:00
Bob Mottram 597228ef89 Export music to usb 2017-05-25 21:45:01 +01:00
Bob Mottram 5c446645aa copy update 2017-05-25 21:40:41 +01:00
Bob Mottram 94003c9c7e Import music from USB drive 2017-05-25 21:35:51 +01:00
Bob Mottram c60aea3580 Importing music from a directory 2017-05-25 20:53:43 +01:00
Bob Mottram fc86a24477 Start of koel documentation 2017-05-25 19:37:49 +01:00
Bob Mottram b50521d344 koel upgrades 2017-05-25 18:51:26 +01:00
Bob Mottram e3064aa9c3 Separators 2017-05-25 18:20:01 +01:00
Bob Mottram 1dea9bee31 No braces 2017-05-25 18:19:02 +01:00
Bob Mottram 7e14979572 database password 2017-05-25 18:18:28 +01:00
Bob Mottram 58ecc2d8d5 Mobile ciphers 2017-05-25 18:03:46 +01:00
Bob Mottram 21a3b97f6b Indentation 2017-05-25 17:34:05 +01:00
Bob Mottram 29f31be000 Use sameorigin on koel 2017-05-25 17:32:15 +01:00
Bob Mottram 324d058a28 koel nginx configuration 2017-05-25 17:30:30 +01:00
Bob Mottram 6489b42b16 Create music directory 2017-05-25 16:17:35 +01:00
Bob Mottram 8636206713 composer install 2017-05-25 13:02:07 +01:00
Bob Mottram 71ab9ffb5f Compression for koel 2017-05-25 12:31:04 +01:00
Bob Mottram 4bfeae5c98 koel config 2017-05-25 12:22:18 +01:00
Bob Mottram d8f489269b Script not used 2017-05-25 12:14:14 +01:00
Bob Mottram 3c26a848a2 Switch koel port 2017-05-25 11:42:36 +01:00
Bob Mottram 1bfe5e9634 Daemon for koel 2017-05-25 11:41:29 +01:00
Bob Mottram a246aaa461 koel nginx config 2017-05-25 11:29:17 +01:00
Bob Mottram efdd084e42 koel app 2017-05-25 10:59:38 +01:00
Bob Mottram cf3cb8b522 Don't include movim
Websockets needs fixing
2017-05-24 17:46:43 +01:00
Bob Mottram 01e63b2084 Wording 2017-05-23 19:39:20 +01:00
Bob Mottram 72b964296a Scuttlebot documentation 2017-05-23 19:35:15 +01:00
Bob Mottram 1a807f4cbc firewall for scuttlebot 2017-05-23 17:38:48 +01:00
Bob Mottram 1c13395a7d Dialog height 2017-05-23 17:32:36 +01:00
Bob Mottram ccf929e8d0 Scuttlebot isn't going to work with onion addresses 2017-05-23 17:21:32 +01:00
Bob Mottram 8fa9358e47 default somain name 2017-05-23 15:51:30 +01:00
Bob Mottram 09f9943736 Reading config params 2017-05-23 15:49:08 +01:00
Bob Mottram c67e9c9636 Read default domain 2017-05-23 15:45:37 +01:00
Bob Mottram 7aff83ac98 Double quotes 2017-05-23 15:38:48 +01:00
Bob Mottram 0e89a3fba2 Torify invite code 2017-05-23 15:35:04 +01:00
Bob Mottram 805f5e24c0 Scuttlebot onion address 2017-05-23 15:13:45 +01:00
Bob Mottram 5054a58d7b Use default shell 2017-05-22 23:15:10 +01:00
Bob Mottram 1048b39f65 scuttlebot app 2017-05-22 21:46:07 +01:00
Bob Mottram 48853d108f Switch matrix port 2017-05-22 19:08:01 +01:00
Bob Mottram 56b2b766fd Extra ui fields 2017-05-22 15:46:24 +01:00
Bob Mottram edc20569a5 searx commit 2017-05-22 15:34:27 +01:00
Bob Mottram 50fb913747 Failure message for short passwords 2017-05-22 14:35:40 +01:00
Bob Mottram 08039edf3b Changing searx password 2017-05-22 14:29:20 +01:00
Bob Mottram a5f307ddfb Changing searx password 2017-05-22 14:26:02 +01:00
Bob Mottram d0a14833e4 More prosody optimisations to reduce battery and bandwidth use on mobile 2017-05-22 10:34:58 +01:00
Bob Mottram 1a9f1a9e20 Ensure that letsencrypt cert is obtained for xmpp when not in onion only mode 2017-05-21 20:12:01 +01:00
Bob Mottram 1c7cfc8926 The gnusocial link within ttrss doesn't work very well, so leave out for now 2017-05-21 18:14:53 +01:00
Bob Mottram 1ee221f0fb Bump pleroma commit 2017-05-21 15:33:43 +01:00
Bob Mottram d2a028f75d Add or remove dynamic dns have no effect if there is no provider 2017-05-21 10:25:42 +01:00
Bob Mottram 62d0047c9b quotes 2017-05-21 10:20:45 +01:00
Bob Mottram 919354059c Argument parsing for synamic DNS where no provider given 2017-05-21 10:18:47 +01:00
Bob Mottram 5480616315 More consistent gogs file construction 2017-05-21 10:05:43 +01:00
Bob Mottram 377e74543f gogs download filename for arm 2017-05-21 09:58:09 +01:00
Bob Mottram 75d7bdeb0a gogs download filename for arm 2017-05-21 09:57:30 +01:00
Bob Mottram 2ebb305786 movim fixes 2017-05-20 22:43:45 +01:00
Bob Mottram 1b58a1cc2b Change default login before install 2017-05-20 21:52:24 +01:00
Bob Mottram af10cdfad0 Default movim admin login 2017-05-20 21:50:27 +01:00
Bob Mottram e0ac145bbc Update movim database 2017-05-20 10:00:31 +01:00
Bob Mottram 406729c4cf Note about letsencrypt service outages 2017-05-19 22:15:23 +01:00
Bob Mottram 185b872d3e letsencrypt permissions when renewing 2017-05-19 22:03:45 +01:00
Bob Mottram 21ab3ceb5f Remove movim daemon on uninstall 2017-05-19 17:09:39 +01:00
Bob Mottram 290799c972 Safer install of composer 2017-05-19 16:00:21 +01:00
Bob Mottram edd0e53d89 Remove movim on xmpp uninstall 2017-05-19 15:55:38 +01:00
Bob Mottram adc20c9e0c Beginning of movim 2017-05-19 15:18:02 +01:00
Bob Mottram 432230c521 Simplify dynamic DNS setup 2017-05-18 16:03:49 +01:00
Bob Mottram fe8e070b7e Only install the nodejs debian packages in the image 2017-05-18 13:39:56 +01:00
Bob Mottram 1c8187e4fe Make nodejs part of the base install 2017-05-18 12:50:24 +01:00
Bob Mottram b6ae4623ec Don't use autogen in inadyn build 2017-05-18 09:56:00 +01:00
Bob Mottram d1babd2fc3 Old inadyn commit 2017-05-18 09:53:27 +01:00
Bob Mottram 3f59b4ad10 Revert "Inadyn repo"
This reverts commit 1d4c34035c.
2017-05-18 09:46:35 +01:00
Bob Mottram 4de59f40d8 Remove any existing xmpp install before starting new one 2017-05-17 22:05:05 +01:00
Bob Mottram 2ab495c57f Removing prosody 2017-05-17 22:02:04 +01:00
Bob Mottram d38a30725b Fix xmpp on onion 2017-05-17 21:41:35 +01:00
Bob Mottram 8e17514c81 Exit if prosody modules were not installed 2017-05-17 21:10:32 +01:00
Bob Mottram ba1c7c26b7 Quotes 2017-05-17 20:16:28 +01:00
Bob Mottram 5e4ad87cab Don't remove 2017-05-17 20:09:09 +01:00
Bob Mottram 18aefc2749 Semicolons 2017-05-17 19:45:22 +01:00
Bob Mottram 8cb0ae8a20 Switch xmpp cert path 2017-05-17 19:08:21 +01:00
Bob Mottram c85dc2e33c Switch xmpp cert path 2017-05-17 19:05:32 +01:00
Bob Mottram 4485d92021 autogen for inadyn 2017-05-16 23:13:00 +01:00
Bob Mottram 1d4c34035c Inadyn repo 2017-05-16 22:11:13 +01:00
Bob Mottram 8304c7f2e8 If profanity is installed then remove it when xmpp is removed 2017-05-16 21:26:24 +01:00
Bob Mottram dd387dffee Change profanity documentation on xmpp page 2017-05-16 21:13:05 +01:00
Bob Mottram 46db0c6068 Profanity documentation 2017-05-16 21:05:37 +01:00
Bob Mottram 0d42aedcdc Separate the profanity client from the xmpp install 2017-05-16 20:49:39 +01:00
Bob Mottram d0bdcc54df Support new range of dynamic dns services 2017-05-16 17:34:44 +01:00
Bob Mottram a4956289ec Bump inadyn commit 2017-05-16 16:42:00 +01:00
Bob Mottram d268dd28d3 taller dialog 2017-05-16 16:09:57 +01:00
Bob Mottram 223d9931eb Consolidate getting the gpg public key 2017-05-15 18:16:02 +01:00
Bob Mottram 2dabe2e92f Handle multiple gpg keys 2017-05-15 18:05:46 +01:00
Bob Mottram 13d0998a8a Create prosody modules directory if needed 2017-05-15 17:53:46 +01:00
Bob Mottram b3432a467e Some extra comments 2017-05-15 15:42:02 +01:00
Bob Mottram 0eee43b1e7 Make inputbox wider to accomodate longer names 2017-05-15 14:05:56 +01:00
Bob Mottram 6078716ba5 Numbers 2017-05-14 23:41:08 +01:00
Bob Mottram c49b94f9ff Option to select no dynamic dns provider 2017-05-14 23:40:11 +01:00
Bob Mottram afe945c377 Stop and restart prosody when modules are updated to avoid undefined behavior 2017-05-14 22:46:15 +01:00
Bob Mottram b3825d1602 Use a known set of prosody modules
Helps to ensure stability and reduce chances of security problems
2017-05-14 22:10:31 +01:00
Bob Mottram 655f1c77e4 Mention direct install on a laptop 2017-05-14 15:36:29 +01:00
Bob Mottram d7c4a087d4 Installing onto unsupported architectures 2017-05-14 15:31:33 +01:00
Bob Mottram 6ccd81f39c Use compressed responses for gnusocial/postactiv 2017-05-14 10:52:16 +01:00
Bob Mottram cddc4639f3 Mailpile upgrades 2017-05-13 17:32:17 +01:00
Bob Mottram c945b7d402 matrix logging 2017-05-13 10:12:16 +01:00
Bob Mottram 86371327cf gnusocial queuedaemons use www-data 2017-05-12 18:44:42 +01:00
Bob Mottram ce5d65d857 Bump Lychee commit 2017-05-12 18:06:51 +01:00
Bob Mottram 3fca5f30b6 Capital 2017-05-12 14:35:25 +01:00
Bob Mottram 27296e9750 GFDL license for the website 2017-05-12 14:30:53 +01:00
Bob Mottram 7f18fbaaa6 Ensure that maintenance mode is off after nextcloud upgrade 2017-05-12 13:00:31 +01:00
Bob Mottram 029c69654e Unzip with overwrite 2017-05-12 12:20:29 +01:00
Bob Mottram 05eb4f1054 Capital 2017-05-12 12:14:09 +01:00
Bob Mottram ec888aae69 Capital 2017-05-12 12:10:58 +01:00
Bob Mottram fe2efe6bb4 Restore domain directories 2017-05-12 11:13:20 +01:00
Bob Mottram 690906fc23 dir missing 2017-05-12 10:46:53 +01:00
Bob Mottram b479b2b61e obnam validation 2017-05-12 10:40:00 +01:00
Bob Mottram 59c985fde4 ghost restore 2017-05-12 10:34:39 +01:00
Bob Mottram 4c350a032e Restore database name 2017-05-11 23:51:07 +01:00
Bob Mottram 80553d9d8b Restore database 2017-05-11 23:48:32 +01:00
Bob Mottram cc72169bfd Restore ghost database password 2017-05-11 23:26:08 +01:00
Bob Mottram 26fb6bd604 Check for directory 2017-05-11 22:59:06 +01:00
Bob Mottram fea7b3a2c4 Don't remove ghost files on failure 2017-05-11 22:57:01 +01:00
Bob Mottram add4b3464c Don't include ghost version in variables 2017-05-11 22:51:36 +01:00
Bob Mottram 3730e21fa9 app name during upgrade 2017-05-11 22:40:39 +01:00
Bob Mottram 546cb11ba4 Check commit 2017-05-11 22:09:45 +01:00
Bob Mottram a6886262fa Check hash on ghost download 2017-05-11 21:58:11 +01:00
Bob Mottram be5dd63e71 ghost download url 2017-05-11 21:53:59 +01:00
Bob Mottram 4638122109 ghost upgrades 2017-05-11 21:38:38 +01:00
Bob Mottram a246ed05c1 Restart radicale if needed 2017-05-11 19:50:30 +01:00
Bob Mottram 72f959bb29 radicale user in the www group 2017-05-11 17:21:37 +01:00
Bob Mottram 19085deb83 Fix sed for radicale 2017-05-11 16:48:13 +01:00
Bob Mottram bef67090a9 quiet 2017-05-11 16:19:41 +01:00
Bob Mottram c1e5672df1 nginx check for radicale 2017-05-11 16:16:53 +01:00
Bob Mottram e826edc23e Update radicale version 2017-05-11 16:07:52 +01:00
Bob Mottram 1fca17714f Improve radicale nginx config 2017-05-11 15:35:54 +01:00
Bob Mottram 0af189ce2b Use mobile ciphers for default domain 2017-05-11 12:54:38 +01:00
Bob Mottram c9eb34c7d1 Allow some apps to use ciphers better suited for mobile apps 2017-05-10 22:27:52 +01:00
Bob Mottram 58a8c2b2f2 Self signed certs are not almost entirely replaced by letsencrypt 2017-05-10 21:46:47 +01:00
Bob Mottram 67a3d128d8 Mention that riot web is installable 2017-05-10 20:25:22 +01:00
Bob Mottram ad6cd58e07 Mention that riot web is installable 2017-05-10 20:22:49 +01:00
Bob Mottram 01eb069e95 Riot Web page 2017-05-10 20:14:17 +01:00
Bob Mottram f4e4a4b2de Documentation for riot web 2017-05-10 20:12:27 +01:00
Bob Mottram d41789c4df Add customized riot web login image 2017-05-10 14:15:53 +01:00
Bob Mottram 38e085fc18 Riot web doesn't like content security 2017-05-10 12:59:31 +01:00
Bob Mottram fe7fa4254f Semicolons 2017-05-10 12:06:40 +01:00
Bob Mottram 0c6e59ad26 Remove riot directory 2017-05-10 11:54:49 +01:00
Bob Mottram e4290e3439 riot upgrade 2017-05-10 11:50:54 +01:00
Bob Mottram af00fb49a7 Beginning of riot web 2017-05-10 00:04:09 +01:00
Bob Mottram 4d99772872 Advice about the fediverse 2017-05-09 15:00:52 +01:00
Bob Mottram 97c48ffa47 update password store after nextcloud password change 2017-05-09 12:09:52 +01:00
Bob Mottram a3025cc142 Change nextcloud password 2017-05-09 12:03:49 +01:00
Bob Mottram fd175a988c Wording 2017-05-08 23:45:38 +01:00
Bob Mottram 1d502627bd Add nextcloud to apps list 2017-05-08 23:42:40 +01:00
Bob Mottram 88717e334a Documentation for nextcloud 2017-05-08 23:40:44 +01:00
Bob Mottram b309b6d953 Fixing nextcloud 2017-05-08 21:30:19 +01:00
Bob Mottram 177acbf2a2 Do a repair on nextcloud upgrades 2017-05-08 18:57:41 +01:00
Bob Mottram 1e282e9963 scan nextcloud files after restore 2017-05-08 18:50:48 +01:00
Bob Mottram 959fcbad54 Enable php path for nextcloud 2017-05-08 17:45:26 +01:00
Bob Mottram 4932206fa4 Needs to trust the domain 2017-05-08 16:50:38 +01:00
Bob Mottram 6225616be2 Some additional nginx security settings 2017-05-08 16:43:42 +01:00
Bob Mottram c3f832761e Some extra nextcloud apps 2017-05-08 16:38:02 +01:00
Bob Mottram dc5691b97e Redundant full stops 2017-05-08 13:02:13 +01:00
Bob Mottram f77f688ca9 Less width 2017-05-08 13:00:46 +01:00
Bob Mottram 9386da0cc9 More concise install dialog 2017-05-08 12:59:14 +01:00
Bob Mottram 390c4c9507 Set permissions after nextcloud install 2017-05-08 12:20:28 +01:00
Bob Mottram b48e31c246 Reduce dialog height 2017-05-08 11:43:28 +01:00
Bob Mottram e9bef4a557 Different dialog if installing a single app 2017-05-08 11:41:33 +01:00
Bob Mottram 8aae0dfd84 Title when adding apps 2017-05-08 11:36:52 +01:00
Bob Mottram cddd8f3c22 Reintroduce nextcloud on the stable 11 branch 2017-05-08 11:27:14 +01:00
Bob Mottram c664d19323 armadillo owner string 2017-05-07 21:38:06 +01:00
Bob Mottram 90501bd145 Remove the initial armadillo config if necessary 2017-05-07 19:18:14 +01:00
Bob Mottram d145cf739f Use armadillo 2017-05-07 19:09:07 +01:00
Bob Mottram ca08ef487d Add armadillo UI 2017-05-07 18:19:45 +01:00
Bob Mottram 368fd5b8d2 Don't need to copy jitsi certs 2017-05-07 16:12:02 +01:00
Bob Mottram 02998336dc Bump gnusocial commit 2017-05-07 16:02:49 +01:00
Bob Mottram d22f699b5a Disable jitsi meet for now
This nightly repo isn't ideal and looks like it might cause problems
2017-05-07 15:28:02 +01:00
Bob Mottram 24f4f043f2 Run blocking rules after adding a new rule 2017-05-07 14:39:51 +01:00
Bob Mottram 267ff1f8a2 Fixing jitsi meet 2017-05-07 14:30:35 +01:00
Bob Mottram ce071bcc7b Use letsencrypt cert for mumble 2017-05-07 12:55:02 +01:00
Bob Mottram d41fb6f08c Ensure that xmpp cert paths get converted on certificate reissue 2017-05-07 11:49:13 +01:00
Bob Mottram fc0a20c2da Revert "Protocol specification for prosody 0.10+"
This reverts commit 29cac8fc6a.
2017-05-07 11:33:34 +01:00
Bob Mottram 8c71dd25f0 Increase depth to accomodate intermediate certificates 2017-05-07 11:17:21 +01:00
Bob Mottram 29cac8fc6a Protocol specification for prosody 0.10+ 2017-05-07 11:05:29 +01:00
Bob Mottram 31671f6194 Avoid copying xmpp certs 2017-05-07 10:52:00 +01:00
Bob Mottram 27907b5d45 Fix other passwords 2017-05-06 16:21:27 +01:00
Bob Mottram a08f0b52d1 Limit password to characters or numbers
This avoids crazy characters which are hard to type
2017-05-06 16:09:51 +01:00
Bob Mottram 1b341b87e1 Mention Riot Web 2017-05-06 14:43:49 +01:00
Bob Mottram 8bda053fd9 Documentation for Matrix 2017-05-06 14:39:31 +01:00
Bob Mottram 407309fe8a Switch to mozilla recommended ciphers
These work better on Android devices
2017-05-05 22:31:24 +01:00
Bob Mottram 490a6c9982 Permissions on lets encrypt directory
To allow apps using a dedicated user account to read certificates
2017-05-05 21:17:44 +01:00
Bob Mottram 9e31cf4802 Enable letsencrypt
Why wasn't that on already?
2017-05-05 19:48:30 +01:00
Bob Mottram 878d6a8028 Check for incorrect cert type 2017-05-05 19:39:41 +01:00
Bob Mottram 05f81082d2 Only create certificate once 2017-05-05 19:32:28 +01:00
Bob Mottram a39685d1d3 Remove old cert 2017-05-05 19:28:54 +01:00
Bob Mottram 70d548fa1c Matrix install sequence 2017-05-05 19:12:34 +01:00
Bob Mottram 75093670eb Don't generate self signed certs for matrix 2017-05-05 19:00:50 +01:00
Bob Mottram d4083fa2db Fixing matrix install 2017-05-05 16:47:49 +01:00
Bob Mottram 4a8b70fc83 Remove sydent 2017-05-05 12:35:24 +01:00
Bob Mottram dceb07a885 certificate permission 2017-05-04 22:21:12 +01:00
Bob Mottram e87f4286bb matrix setup 2017-05-04 21:43:17 +01:00
Bob Mottram f1ae5ddd38 Restore matrix user creation 2017-05-04 17:42:08 +01:00
Bob Mottram 0530ff8a73 Remove spurious entry 2017-05-04 12:48:26 +01:00
Bob Mottram a849abc185 Matrix tweaks to bring into line with debian package config 2017-05-04 11:31:14 +01:00
Bob Mottram fad79baefc Remove exif metadata from images uploaded to gnusocial/postactiv 2017-05-03 17:02:50 +01:00
Bob Mottram e005cb3f54 postactiv screenshot 2017-05-02 21:59:26 +01:00
Bob Mottram 1336355d99 Document gnusocial user interface selection 2017-05-02 21:49:28 +01:00
Bob Mottram aeb47601dc gnusocial/postactiv classic UI apparently has some javascript 2017-05-02 21:42:44 +01:00
Bob Mottram 9c8980117e Switching user interfaces 2017-05-02 21:41:00 +01:00
Bob Mottram 39c1299f56 Permissions 2017-05-02 18:18:40 +01:00
Bob Mottram c9a1c8b510 ME might affect many x86 installs, so instead of stopping the show just remove the interface, which reduces risks a little 2017-05-02 17:35:23 +01:00
Bob Mottram cbddf8308f Check for AMT within tests, because it could get turned on after installation 2017-05-02 11:03:25 +01:00
Bob Mottram d6222879d2 Check for active Intel backdoor 2017-05-02 10:59:31 +01:00
Bob Mottram a5f3548b75 postactiv commit for 1.0.2 2017-05-01 22:09:24 +01:00
Bob Mottram bed2d8e245 postactiv commit 2017-05-01 17:44:50 +01:00
Bob Mottram 470e0009b7 Option to select the classic UI for gnusocial/postactiv 2017-05-01 17:34:32 +01:00
Bob Mottram 427e910b0f Only use usb canary on non-mesh installs 2017-05-01 12:34:47 +01:00
Bob Mottram aabb4503f0 usb canary only installs once 2017-05-01 12:28:44 +01:00
Bob Mottram c7bffe6a77 Add usb canary 2017-05-01 12:25:15 +01:00
Bob Mottram a075b9f62f Fix gnusocial user blocking query 2017-04-30 20:44:02 +01:00
Bob Mottram d433390aa9 Blocking and unblocking gnusocial/postactiv users 2017-04-30 20:19:20 +01:00
Bob Mottram b8bed7bd8e Fix pleroma install 2017-04-30 19:54:32 +01:00
Bob Mottram f1bf180a6e Remove unused nsfw plugin 2017-04-30 19:28:51 +01:00
Bob Mottram 37457255dc Bump postactiv commit 2017-04-29 09:57:44 +01:00
Bob Mottram c31ddedfeb Improve gnu-social-mode instructions 2017-04-27 16:28:27 +01:00
Bob Mottram 411896e794 Improve gnu-social-mode instructions 2017-04-27 16:28:20 +01:00
Bob Mottram b542c57399 Mention emacs mode with postactiv 2017-04-27 16:20:24 +01:00
Bob Mottram 3cd53452e0 Or 2017-04-27 15:56:52 +01:00
Bob Mottram c2ab127219 Blocking menu 2017-04-27 15:53:19 +01:00
Bob Mottram 3cc906d35e Domain or user 2017-04-27 15:43:09 +01:00
Bob Mottram 157fe17970 Notes on blocking domains and users 2017-04-27 15:39:57 +01:00
Bob Mottram 15167e3483 Use wildcard deletes so that thumbnails are included 2017-04-27 13:12:56 +01:00
Bob Mottram f483e4d488 Remove gnusocial files associated with blocked domains or users 2017-04-27 12:43:50 +01:00
Bob Mottram 7b2366891c Better check 2017-04-26 13:17:18 +01:00
Bob Mottram 423bea11ad Email refactoring 2017-04-25 15:49:08 +01:00
Bob Mottram bde41a1f21 Re-introduce rate limits on the firewall 2017-04-25 13:45:44 +01:00
Bob Mottram 38072abc54 Drop spoofed packets 2017-04-25 13:40:11 +01:00
Bob Mottram 3652cc5c87 Drop invalid packets 2017-04-25 13:06:52 +01:00
Bob Mottram 1c110b6f94 Drop more bogons 2017-04-25 13:01:23 +01:00
Bob Mottram 794962ac85 Drop any outgoing telnet connections 2017-04-25 12:28:26 +01:00
Bob Mottram 4a0982acd0 Expire qvitter notifications 2017-04-23 23:18:23 +01:00
Bob Mottram bc26972861 Block qvitter notifications 2017-04-23 23:12:37 +01:00
Bob Mottram 5232ddb305 Append 2017-04-23 17:27:19 +01:00
Bob Mottram bbfa6d353f Also expire files uploaded to gnusocial/postactiv 2017-04-23 17:25:10 +01:00
Bob Mottram a59923cc6e Set qvitter background 2017-04-22 19:07:23 +01:00
Bob Mottram 2a0ea6747a Also set qvitter background 2017-04-22 18:57:43 +01:00
Bob Mottram 3a09c0ebf2 Bump pleroma commit 2017-04-22 10:07:43 +01:00
Bob Mottram 8cd40f632d Single quote 2017-04-22 09:54:08 +01:00
Bob Mottram f2d1f0f860 Don't remove from conversation table 2017-04-21 20:13:55 +01:00
Bob Mottram 8a34b22417 Blocking individual gnusocial/postactiv nicknames 2017-04-21 18:40:45 +01:00
Bob Mottram 4ca6024342 Options to switch between qvitter and pleroma 2017-04-20 19:29:20 +01:00
Bob Mottram 60adb3ddf2 user id is probably different from profile id 2017-04-20 16:19:54 +01:00
Bob Mottram b8893ad63a Don't echo, because this can happen fairly often 2017-04-20 15:25:46 +01:00
Bob Mottram 22fa505a3e Scripts to remove blocked domains from gnusocial/postactiv databases 2017-04-20 13:43:55 +01:00
Bob Mottram c6eb3de0d1 leading zero 2017-04-20 10:55:33 +01:00
Bob Mottram da18dc225e Include outputs and forwards in domain blocks 2017-04-20 10:49:03 +01:00
Bob Mottram 71cb693fad Fix hex string 2017-04-20 10:46:40 +01:00
Bob Mottram c218eaa7a4 postactiv theme 2017-04-18 13:26:08 +01:00
Bob Mottram 541f2c4164 postactiv background 2017-04-18 12:31:11 +01:00
Bob Mottram 2dbbf8060a Customise postactiv logo 2017-04-18 10:45:09 +01:00
Bob Mottram ecf69ddd7f Upgrading pleroma background 2017-04-17 12:36:56 +01:00
Bob Mottram 631a35d62e Upgrading pleroma 2017-04-17 12:35:35 +01:00
Bob Mottram bc878af6bb searx install documentation 2017-04-16 21:01:12 +01:00
Bob Mottram 3ca85a5cbf Don't show searx icann address 2017-04-16 20:28:56 +01:00
Bob Mottram 58463c4a42 Move image 2017-04-16 20:18:10 +01:00
Bob Mottram 89cea3b909 Add searx documentation 2017-04-16 20:16:09 +01:00
Bob Mottram 40281de73e Comments 2017-04-16 18:56:49 +01:00
Bob Mottram 25f49664f7 Move the github ribbon 2017-04-16 17:50:22 +01:00
Bob Mottram 20f33b5b82 Ensure that searx settings are preserved during upgrades 2017-04-16 16:59:36 +01:00
Bob Mottram 079e370def Customize searx background 2017-04-16 16:14:53 +01:00
Bob Mottram 27f05ce96d searx 2017-04-16 15:09:57 +01:00
Bob Mottram 0e3be0dcee searx permissions 2017-04-16 15:09:08 +01:00
Bob Mottram 48d3fd0e3c Setting searx background 2017-04-16 15:07:39 +01:00
Bob Mottram 79b2dec434 Different searx theme 2017-04-16 12:24:49 +01:00
Bob Mottram 1661558583 gnusocial commit to fix follow bug 2017-04-16 10:43:14 +01:00
Bob Mottram 983c3695de cat 2017-04-15 23:10:14 +01:00
Bob Mottram e9f0f85a17 Overwrite existing settings 2017-04-15 22:58:48 +01:00
Bob Mottram fc5e3fad34 Improve searx configuration 2017-04-15 22:51:07 +01:00
Bob Mottram fc23a07460 Bump searx commit 2017-04-15 18:51:48 +01:00
Bob Mottram 2423394dba Current prosody 2017-04-15 18:47:07 +01:00
Bob Mottram c2e67dbc1f Revert "Deprecate searx"
This reverts commit e898de4e21.
2017-04-15 18:45:22 +01:00
Bob Mottram b89d1e8878 Prepare for the possibility of a pleroma app 2017-04-15 18:05:22 +01:00
Bob Mottram 316557fe43 Bump profanity commit 2017-04-15 16:39:41 +01:00
Bob Mottram 76b2982f03 Date 2017-04-15 13:26:38 +01:00
Bob Mottram 5630f6eed1 input rather than forward 2017-04-15 12:04:04 +01:00
Bob Mottram 71b0bb2b63 Fix hex string 2017-04-15 11:30:01 +01:00
Bob Mottram e103cf1122 Title 2017-04-15 11:01:19 +01:00
Bob Mottram 21ecdb718a Wildcards 2017-04-15 10:59:13 +01:00
Bob Mottram bccc400fa5 Bump pleroma commit 2017-04-15 10:45:08 +01:00
Bob Mottram 27ee88c57f More robust udate of prosody modules 2017-04-14 19:33:15 +01:00
Bob Mottram 3ec1ea9ec1 More robust udate of prosody modules 2017-04-14 19:32:52 +01:00
Bob Mottram 6c9e710d6b Update prosody build 2017-04-14 18:58:11 +01:00
Bob Mottram 87a7144ae3 Set sticky bits on public directories 2017-04-14 10:59:07 +01:00
Bob Mottram 39c126cba5 Remove any cached yarn files 2017-04-14 10:41:48 +01:00
Bob Mottram c7d31702b4 Show any world writable files 2017-04-14 10:39:02 +01:00
Bob Mottram 14617a85d9 Install nginx before npm 2017-04-13 20:49:58 +01:00
Bob Mottram 8c28f491ac Typo 2017-04-13 17:24:15 +01:00
Bob Mottram 79e446f01d Manage gogs config file during upgrades 2017-04-12 18:22:39 +01:00
Bob Mottram 60289687f4 Remove logging 2017-04-12 18:18:19 +01:00
Bob Mottram aa26715216 Back to quiet 2017-04-12 18:07:41 +01:00
Bob Mottram ed019d6bad Don't load gogs version 2017-04-12 18:06:27 +01:00
Bob Mottram c8bc36dcb9 Remove some logging 2017-04-12 17:54:23 +01:00
Bob Mottram 0b93a11402 Not quiet 2017-04-12 17:42:07 +01:00
Bob Mottram 942205d352 Test logging 2017-04-12 17:35:06 +01:00
Bob Mottram bf4563b1ae Test logging 2017-04-12 17:26:40 +01:00
Bob Mottram fdc1a4f8bf echo gogs versions 2017-04-12 16:31:22 +01:00
Bob Mottram fbd98fe640 Not quiet 2017-04-12 15:29:09 +01:00
Bob Mottram 90a148a8c2 echo 2017-04-12 15:21:29 +01:00
Bob Mottram 1d32397ab5 Single quotes 2017-04-12 15:19:45 +01:00
Bob Mottram 58923e0ab1 Remove tahoelafs more cleanly 2017-04-12 14:56:04 +01:00
Bob Mottram af0c8c02fa Bump gogs version 2017-04-12 14:43:35 +01:00
Bob Mottram 6001a81965 Bump mailpile commit 2017-04-12 14:39:41 +01:00
Bob Mottram a3afe971a6 gnu-social-mode screenshot 2017-04-11 21:14:17 +01:00
Bob Mottram fc20a67b6e Retire sharings
Maybe it will return with a pleroma link
2017-04-11 21:10:12 +01:00
Bob Mottram 534ede131f New gnusocial screenshots 2017-04-11 21:09:14 +01:00
Bob Mottram d088477335 A placeholder background for pleroma on postactiv 2017-04-11 17:41:25 +01:00
Bob Mottram e71d2a1d6f Possibility for separate pleroma default css 2017-04-11 14:23:45 +01:00
Bob Mottram b80a55c357 Default pleroma background for gnusocial 2017-04-11 14:20:40 +01:00
Bob Mottram c267271e95 Update pleroma 2017-04-10 17:00:11 +01:00
Bob Mottram 6293de4152 Close new registrations on friendica 2017-04-07 21:13:19 +01:00
Bob Mottram 29dda85f24 No onions 2017-04-07 20:10:25 +01:00
Bob Mottram 3c1f012888 friendica docs 2017-04-07 20:08:25 +01:00
Bob Mottram e15d4425ec Backslash 2017-04-07 18:07:41 +01:00
Bob Mottram 7da9828dc4 Allow http directory server 2017-04-07 18:00:15 +01:00
Bob Mottram c4a023bcab Show existing directory server 2017-04-07 17:58:11 +01:00
Bob Mottram 23c49ded06 Wording 2017-04-07 15:53:13 +01:00
Bob Mottram e03a67f1e3 Opening and closing friendica account registrations 2017-04-07 15:52:10 +01:00
Bob Mottram 5e3fed335e Setting friendica directory 2017-04-07 15:46:04 +01:00
Bob Mottram aa27f6c6c3 Delete the system 2017-04-07 14:46:18 +01:00
Bob Mottram 2de161f297 Missing backslash 2017-04-07 14:32:40 +01:00
Bob Mottram a5063b11c0 Friendica database schema 2017-04-07 14:22:01 +01:00
Bob Mottram 48f0c23ff3 Friendica app 2017-04-07 14:06:28 +01:00
Bob Mottram 49c9da578c Restart nginx after pleroma install 2017-04-05 13:28:56 +01:00
Bob Mottram 5d1a670df7 gnusocial expire in crontab 2017-04-05 12:49:37 +01:00
Bob Mottram 5db30ada00 Ability to set gnusocial expire period from control panel 2017-04-05 11:58:20 +01:00
Bob Mottram 7d0f470389 Consolidate gnusocial post expiry script 2017-04-05 11:23:04 +01:00
Bob Mottram 5239a36ded Upgrading pleroma 2017-04-04 23:10:20 +01:00
Bob Mottram 256273e6b9 Ensure that any queue daemons are killed on removal 2017-04-04 20:16:00 +01:00
Bob Mottram c5b694a439 Back to master 2017-04-04 20:07:50 +01:00
Bob Mottram 90a4f3d77a Use index.html rather than pleroma.html 2017-04-04 16:31:44 +01:00
Bob Mottram 1dd5228ef6 Remove hourly script before stopping daemons 2017-04-04 15:54:20 +01:00
Bob Mottram f954fccfff Duplicate cd 2017-04-04 12:40:43 +01:00
Bob Mottram ce8696f0fa Consolidate gnusocial hourly scripts 2017-04-04 11:11:19 +01:00
Bob Mottram a915812150 Update gnusocial hourly script 2017-04-04 10:53:44 +01:00
Bob Mottram 38474b8948 Run postactiv daemons 2017-04-04 10:49:09 +01:00
Bob Mottram 1269193713 Bump postactiv commit 2017-04-04 10:47:06 +01:00
Bob Mottram 0ae213a7ea Get domain name 2017-04-03 23:27:10 +01:00
Bob Mottram ed1df8bdf5 Quotes 2017-04-03 22:54:39 +01:00
Bob Mottram 417a6fed14 test background change 2017-04-03 22:47:58 +01:00
Bob Mottram 8eebb4f489 Get last return value 2017-04-03 22:33:30 +01:00
Bob Mottram 514a536f40 static subdirectory 2017-04-03 22:02:06 +01:00
Bob Mottram 3e8e274210 Setting pleroma background 2017-04-03 21:13:16 +01:00
Bob Mottram 240a9e9283 Additional index on http redirect 2017-04-03 20:24:25 +01:00
Bob Mottram c5658b22d2 Change qvitter logo 2017-04-02 23:23:08 +01:00
Bob Mottram 9ec20428da Fix hourly daemons 2017-04-02 21:44:49 +01:00
Bob Mottram 1e5784cd8e update to populate qvitter notifications table 2017-04-02 19:34:09 +01:00
Bob Mottram 260b4a7de0 gnusocial update script 2017-04-02 17:55:05 +01:00
Bob Mottram 55c68abc6e Warn if pleroma cannot be installed 2017-04-02 17:35:05 +01:00
Bob Mottram 4a7cecfa4f syntax 2017-04-02 17:24:58 +01:00
Bob Mottram 315077c693 Disable pleroma on ARM systems
It requires node-sass which won't install on ARM
2017-04-02 17:15:48 +01:00
Bob Mottram 4286f536d0 install_dir 2017-04-02 15:18:33 +01:00
Bob Mottram 650fb2e2df v prefix 2017-04-02 14:15:45 +01:00
Bob Mottram 1999bf62ab npm install 2017-04-02 13:55:14 +01:00
Bob Mottram ef7a9aa39e Remove pleroma code on gnusocial removal 2017-04-02 13:32:55 +01:00
Bob Mottram 031a0581ec Not 2017-04-02 13:30:49 +01:00
Bob Mottram d37e7f3888 Use upgrade rather than install 2017-04-02 11:42:07 +01:00
Bob Mottram 64f7975df6 nodejs upgrades 2017-04-02 11:40:34 +01:00
Bob Mottram 4791e7728e Install npm version 2017-04-01 23:32:41 +01:00
Bob Mottram 45f74e2fbc Check for index file 2017-04-01 23:02:37 +01:00
Bob Mottram 7230ccbd3e Probably don't need sensitivecontent plugin 2017-04-01 22:13:02 +01:00
Bob Mottram 427fba73e4 Check that blog gets created 2017-03-31 23:57:14 +01:00
Bob Mottram 7e9f998694 return rather than exit 2017-03-31 23:15:31 +01:00
Bob Mottram 91228ef25a Generate blog at end of install 2017-03-31 22:59:30 +01:00
Bob Mottram 84bb8fae3a pelican 2017-03-31 22:54:21 +01:00
Bob Mottram 601b62e3d6 pelican 2017-03-31 22:50:57 +01:00
Bob Mottram c6e157a105 Remove web install for pelican 2017-03-31 22:46:24 +01:00
Bob Mottram fb4d8e982b Invert logic 2017-03-31 22:44:28 +01:00
Bob Mottram f581fd4eba Remove pelican function 2017-03-31 22:39:44 +01:00
Bob Mottram 8eecc01d65 pelican onion address 2017-03-31 22:36:59 +01:00
Bob Mottram 65025208c0 Add pelican to available apps 2017-03-31 21:50:55 +01:00
Bob Mottram b0cbe9c4ac year 2017-03-31 21:49:20 +01:00
Bob Mottram ddcbe1ca1a pelican web site 2017-03-31 21:47:00 +01:00
Bob Mottram 665f1f6bbe Bump pleroma commit 2017-03-31 18:22:07 +01:00
Bob Mottram 1a2d9c55f0 Bump gnusocial commit 2017-03-31 18:09:42 +01:00
Bob Mottram 425a4fc132 Block bad ip ranges 2017-03-31 15:27:09 +01:00
Bob Mottram bd1df3f79f Matrix mods 2017-03-31 13:37:04 +01:00
Bob Mottram dfccc08009 Publish to web directory 2017-03-26 13:02:04 +01:00
Bob Mottram f29191d71f Custom editor setup for Pelican 2017-03-26 12:50:52 +01:00
Bob Mottram a6f77d84cf Pelican interactive configuration 2017-03-26 12:36:52 +01:00
Bob Mottram 1b9d528ed6 Pelican blog backups 2017-03-26 11:31:21 +01:00
Bob Mottram bfeb35c89f Switch logo within pleroma 2017-03-25 18:19:39 +00:00
Bob Mottram 4421c64357 Interactive config for static blog 2017-03-25 18:07:31 +00:00
Bob Mottram 5cc277740b Use onion address in xmpp virtualhost 2017-03-24 20:43:14 +00:00
Bob Mottram 2487997a4c onion only xmpp install 2017-03-24 19:57:14 +00:00
Bob Mottram f51c1c874f install! 2017-03-24 19:13:39 +00:00
Bob Mottram adeb979c7b Check that mercurial gets installed 2017-03-24 19:11:23 +00:00
Bob Mottram 71a86c7631 New logos 2017-03-20 16:29:35 +00:00
Bob Mottram d24655a5b3 Scheduled stig tests 2017-03-18 14:26:02 +00:00
Bob Mottram 84d4ffb0f7 Remove any straggling jitsi certs 2017-03-18 12:58:16 +00:00
Bob Mottram 8619bfa00c mailpile cert permissions 2017-03-18 12:52:11 +00:00
Bob Mottram 0913425df4 Take ownership of the snakeoil 2017-03-18 12:48:54 +00:00
Bob Mottram 44344d507d Ratchet permissions 2017-03-18 11:30:08 +00:00
Bob Mottram 16d1681d35 bad yarn cache permissions 2017-03-18 11:24:19 +00:00
Bob Mottram 95702debd8 stig tests option to lockdown permissions 2017-03-18 10:50:52 +00:00
Bob Mottram a0950a20a2 Don't show nextcloud on menu 2017-03-14 23:45:05 +00:00
Bob Mottram a9b02b93b5 memcached for nextcloud 2017-03-14 23:00:26 +00:00
Bob Mottram 3cd29d8b33 Make nextcloud data directory writable 2017-03-14 22:31:40 +00:00
Bob Mottram 7c40b53833 use letsencrypt for ssl 2017-03-14 22:26:35 +00:00
Bob Mottram 3e66938299 Restart web server after nextcloud removal 2017-03-14 22:09:12 +00:00
Bob Mottram 53d4b075f1 Nextcloud onion port 2017-03-14 22:06:02 +00:00
Bob Mottram a7f21e2cc1 freedns code for nextcloud 2017-03-14 21:59:43 +00:00
Bob Mottram a445707bff Dialog dimensions 2017-03-14 21:52:28 +00:00
Bob Mottram c504aae1d7 nextcloud app 2017-03-14 21:40:40 +00:00
Bob Mottram e03299f191 mediagoblin upgrades 2017-03-11 16:42:28 +00:00
Bob Mottram f24ad2cd17 Better handling of xmpp upgrades 2017-03-11 16:14:24 +00:00
Bob Mottram c938e6313a Gogs version 0.10.8 2017-03-11 14:52:13 +00:00
Bob Mottram 23a2587980 Don't show rss icann address on about screen 2017-03-09 23:35:45 +00:00
Bob Mottram b5185be6cc Don't show icann address for tahoelafs 2017-03-09 23:33:41 +00:00
Bob Mottram 4b83b21468 Revert "Don't need site password"
This reverts commit 90c70ed497.
2017-03-09 22:41:27 +00:00
Bob Mottram e2af0792d6 Revert "Remove tahoelafs site password"
This reverts commit 5bab5cded6.
2017-03-09 22:40:46 +00:00
Bob Mottram be4efcfbf5 Note about tahoelafs url 2017-03-09 19:21:34 +00:00
Bob Mottram 5bab5cded6 Remove tahoelafs site password 2017-03-09 19:09:52 +00:00
Bob Mottram 90c70ed497 Don't need site password 2017-03-09 19:01:41 +00:00
Bob Mottram f62ebca99e tahoe image 2017-03-09 18:23:12 +00:00
Bob Mottram b098eba618 Dialog size 2017-03-09 18:01:35 +00:00
Bob Mottram 1a3be995ac tahoelahs documentation 2017-03-09 10:14:06 +00:00
Bob Mottram f34b1ddc91 Tahoe-LAFS documentation 2017-03-09 10:11:50 +00:00
Bob Mottram e49837b24b furl format 2017-03-08 18:45:40 +00:00
Bob Mottram b9f259e4f4 furl format 2017-03-08 18:44:15 +00:00
Bob Mottram 394c27fe2d furl format 2017-03-08 18:41:24 +00:00
Bob Mottram 1babdf5db2 Echo rather than cat 2017-03-08 18:37:19 +00:00
Bob Mottram 7042fa0015 furl format 2017-03-08 18:32:28 +00:00
Bob Mottram a290548c1a Restart tor after tahoelafs install 2017-03-08 17:52:03 +00:00
Bob Mottram f37145d13e International login text 2017-03-08 17:33:06 +00:00
Bob Mottram 2676a9da9b Typo 2017-03-08 17:26:37 +00:00
Bob Mottram 277cac62af Remove tahoelafs password file 2017-03-08 16:40:12 +00:00
Bob Mottram 6e12e97109 Login for tahoelafs client 2017-03-08 16:38:38 +00:00
Bob Mottram af47f92bb8 Merge branch 'master' of https://github.com/bashrc/freedombone 2017-03-08 16:11:02 +00:00
Bob Mottram 32906661ab Use port 80 2017-03-08 16:09:34 +00:00
Bob Mottram b432556f3b Hubzilla 2.2 2017-03-08 09:59:42 +00:00
Bob Mottram d21fe21751 Check for proxycommand 2017-03-07 18:33:38 +00:00
Bob Mottram 5a17919b71 Single quotes 2017-03-07 18:31:32 +00:00
Bob Mottram 283782bf72 Don't overwrite client ssh config #68 2017-03-07 18:27:53 +00:00
Bob Mottram f0fb62eaeb Colon 2017-03-07 16:22:54 +00:00
Bob Mottram 848244634d Create server file after start 2017-03-07 15:50:14 +00:00
Bob Mottram a9d7f9b593 Create tahoelafs server file after running storage node 2017-03-07 15:40:29 +00:00
Bob Mottram 0db2ec2481 storage service directory 2017-03-07 15:20:25 +00:00
Bob Mottram df259331b8 Messages when adding tahoelafs server 2017-03-07 15:16:45 +00:00
Bob Mottram 1d868312e0 Removing stealth onions 2017-03-07 15:12:34 +00:00
Bob Mottram 64aa7eb944 Check for server file 2017-03-07 14:59:17 +00:00
Bob Mottram 10258bd293 Check tahoelafs server creation 2017-03-07 14:48:18 +00:00
Bob Mottram 4501edce9b tahoelafs storage node onion service name 2017-03-07 11:06:51 +00:00
Bob Mottram 492946d17f function name 2017-03-07 10:40:07 +00:00
Bob Mottram 9dc6e1d464 Remove prefix from public key 2017-03-07 10:37:16 +00:00
Bob Mottram 2f8f2f2324 tahoelafs port 2017-03-07 10:32:24 +00:00
Bob Mottram d8f57bbdea Set tahoelafs shares 2017-03-07 10:15:06 +00:00
Bob Mottram cfc4030d2f Show tahoelafs onion domain 2017-03-07 00:02:05 +00:00
Bob Mottram 3c31be64b5 Reimplementation of tahoelafs 2017-03-06 23:59:18 +00:00
Bob Mottram f08b54efa9 Disable port 2017-03-05 23:34:08 +00:00
Bob Mottram ff046906ef disable web port 2017-03-05 23:28:36 +00:00
Bob Mottram 54e77d2654 disable storage location 2017-03-05 23:19:20 +00:00
Bob Mottram 67fee2610b Creating storage directory 2017-03-05 21:30:44 +00:00
Bob Mottram 5ec05a15bb No hostname 2017-03-05 21:23:14 +00:00
Bob Mottram c72041ff1e furl location 2017-03-05 21:13:44 +00:00
Bob Mottram e41aebfaea dash 2017-03-05 21:11:15 +00:00
Bob Mottram a638449caa tor group 2017-03-05 21:09:38 +00:00
Bob Mottram 00aceb2946 Sequence 2017-03-05 21:05:03 +00:00
Bob Mottram 42dbd06431 Create daemon 2017-03-05 20:59:23 +00:00
Bob Mottram 4187b12e9e Start daemon after introducer creation 2017-03-05 20:51:47 +00:00
Bob Mottram d3cd1dc08f Directory permissions 2017-03-05 20:46:53 +00:00
Bob Mottram 74be19f042 Check for config file 2017-03-05 20:38:37 +00:00
Bob Mottram 4cf81861a1 tahoelafs storage node 2017-03-05 19:49:18 +00:00
Bob Mottram 4bf3a5a012 Same line 2017-03-05 15:14:50 +00:00
Bob Mottram 32cc9f86da Fixing the tahoe daemon 2017-03-05 14:01:44 +00:00
Bob Mottram fe55f2976e No tahoelafs web 2017-03-05 13:07:45 +00:00
Bob Mottram 81256df64f Show tahoe domain on about screen 2017-03-05 12:10:58 +00:00
Bob Mottram 3c65d3b6c1 tahoe web interface 2017-03-05 12:09:45 +00:00
Bob Mottram 43760ee860 Typo 2017-03-05 10:39:11 +00:00
Bob Mottram fce9094978 Don't show tahoe domain on about screen 2017-03-05 10:35:53 +00:00
Bob Mottram 8dab145852 filename 2017-03-05 10:32:01 +00:00
Bob Mottram 4b6a159d50 Show tahoe-lafs introducer on about screen 2017-03-05 10:30:15 +00:00
Bob Mottram d546d82db9 Run the tahoe-lafs daemon 2017-03-04 23:31:47 +00:00
Bob Mottram 055d52e4f7 Add txtorcon for tahoe over tor 2017-03-04 23:09:40 +00:00
Bob Mottram 392dd085fe Bad sed syntax 2017-03-04 22:55:30 +00:00
Bob Mottram 873f67068d Bump /tmp to 150M to allow tahoe-lafs install 2017-03-04 22:31:08 +00:00
Bob Mottram 19c7a64299 Go back to usual tmp 2017-03-04 22:20:14 +00:00
Bob Mottram bd29f31007 Use a different tmp directory 2017-03-04 21:53:14 +00:00
Bob Mottram 89d5d0a4c4 Clear temp files 2017-03-04 21:20:30 +00:00
Bob Mottram 37d3a81af9 Clear temp files 2017-03-04 21:18:35 +00:00
Bob Mottram 22c6850300 Introducer directory 2017-03-04 21:02:02 +00:00
Bob Mottram fcd30ceef1 Call completed function 2017-03-04 20:53:37 +00:00
Bob Mottram 9ecbd11ff1 Remove directories 2017-03-04 20:49:49 +00:00
Bob Mottram d9a82086a2 Tidying 2017-03-04 20:45:19 +00:00
Bob Mottram 4b6a7febcf Data directory 2017-03-04 20:41:48 +00:00
Bob Mottram 2fa4ba880d setuptools first 2017-03-04 19:42:13 +00:00
Bob Mottram f0c8073a08 Double equals 2017-03-04 19:40:24 +00:00
Bob Mottram c0d2cedf7b appdirs version 2017-03-04 19:37:17 +00:00
Bob Mottram b2397ed19b More tahoelafs packages 2017-03-04 19:36:16 +00:00
Bob Mottram 7db9966b21 No cd 2017-03-04 18:20:31 +00:00
Bob Mottram b6abb5c7e6 Directories 2017-03-04 18:18:07 +00:00
Bob Mottram fa0eba1108 Removing tahoe-lafs daemon 2017-03-04 17:52:15 +00:00
Bob Mottram a8fbe26dfb tahoe-lafs dependencies 2017-03-04 17:49:44 +00:00
Bob Mottram 2ea8012dd2 tahoelafs permissions after upgrade 2017-03-04 15:36:58 +00:00
Bob Mottram 9d6cbdd169 Empty reconfigure function 2017-03-03 23:30:55 +00:00
Bob Mottram 6c6a287fd1 tahoelafs removal 2017-03-03 23:28:52 +00:00
Bob Mottram 686181d3f4 Only install a tahoelafs introducer 2017-03-03 23:25:38 +00:00
Bob Mottram d974ae708f Comment 2017-03-03 18:56:32 +00:00
Bob Mottram 06159ffdf3 Reintroduce tahoe-lafs 2017-03-03 18:48:33 +00:00
Bob Mottram d6e41c693c Pleroma uses smaller white logo 2017-02-26 22:05:52 +00:00
Bob Mottram 1414edb2a5 Enable site after certificate creation 2017-02-25 11:36:24 +00:00
Bob Mottram 68a0c17459 Confirm deletion of certificate 2017-02-25 11:33:18 +00:00
Bob Mottram 047ca9979a Menu option to delete a letsencrypt certificate 2017-02-25 11:28:55 +00:00
Bob Mottram 747f533efb Extra packages 2017-02-24 15:44:01 +00:00
Bob Mottram 44bacbf3a2 Different inadyn build 2017-02-23 22:12:07 +00:00
Bob Mottram 077fa980f2 Web server in image 2017-02-23 20:08:30 +00:00
Bob Mottram a2bc3cd03b typo 2017-02-23 19:27:33 +00:00
Bob Mottram b29333044b No monkeysphere on image build 2017-02-23 18:47:35 +00:00
Bob Mottram a65ccc37df Don't set up firewall when creating image 2017-02-23 17:04:09 +00:00
Bob Mottram 5e3a5215fa Fixing image utils install 2017-02-23 15:57:44 +00:00
Bob Mottram fbeb938fc8 Include more of the base install within image builds 2017-02-23 15:44:09 +00:00
Bob Mottram 51fe656e87 Disable daemons and qvitter/pleroma on postactiv 2017-02-22 23:32:07 +00:00
Bob Mottram cc952a9c07 More exact match of daemon names 2017-02-22 23:17:08 +00:00
Bob Mottram 6ddaf16c5b Change pleroma title 2017-02-22 21:54:05 +00:00
Bob Mottram a2b3c286cf postactiv daemons 2017-02-22 21:47:40 +00:00
Bob Mottram baa8c80701 Parameter numbers 2017-02-22 21:40:06 +00:00
Bob Mottram 80ead339b6 Uninstall pleroma for postactiv 2017-02-22 21:35:34 +00:00
Bob Mottram 081e73a5bc Typo 2017-02-22 21:31:57 +00:00
Bob Mottram 54f4d95e8a postactiv interactive configuration 2017-02-22 21:14:56 +00:00
Bob Mottram 35bbaca5a7 Include background image and title in postactiv interactive install 2017-02-22 21:08:12 +00:00
Bob Mottram 89b37d8bc0 Add qvitter and pleroma to postactiv 2017-02-22 21:00:27 +00:00
Bob Mottram 094151d82e Move gnusocial web UI to pleroma
Note that qvitter is still needed, but may be deprecated later
2017-02-22 20:51:23 +00:00
Bob Mottram e41728d618 Remove symlinks if they exist 2017-02-20 17:57:41 +00:00
Bob Mottram 0631a8b4a7 Update running scripts 2017-02-18 12:05:58 +00:00
Bob Mottram 7ff504d84d Clean file table 2017-02-18 12:04:23 +00:00
Bob Mottram 3bbec8cf91 Run postactiv scripts without complaints 2017-02-18 11:27:37 +00:00
Bob Mottram 4871fd282b Noninteractive php script 2017-02-18 11:13:26 +00:00
Bob Mottram eb132448bf Run additional housekeeping scripts for postactiv 2017-02-18 11:02:21 +00:00
Bob Mottram 75dd7c5fd2 Always uninstall 2017-02-17 15:42:58 +00:00
Bob Mottram aae9c16056 Bump matrix commits 2017-02-17 15:18:48 +00:00
Bob Mottram caf938c1a5 Upgrade gogs version to 0.9.141 2017-02-17 15:08:49 +00:00
Bob Mottram f17624066a Go upgrade to 1.8 2017-02-17 15:05:02 +00:00
Bob Mottram a90b27e1ca Ensure that encryption warnings are visible 2017-02-10 23:26:22 +00:00
Bob Mottram 249daf7d0e No logging of PGP messages 2017-02-10 23:25:13 +00:00
Bob Mottram 0a3eb744dd No logging of OTR messages 2017-02-10 23:24:18 +00:00
Bob Mottram 7eba87da16 Opportunistic OTR 2017-02-10 23:16:33 +00:00
Bob Mottram f4db3df364 uninstall before reinstall of omemo plugin 2017-02-09 21:58:40 +00:00
Bob Mottram 7f0a93e467 Try to fix profanity omemo plugin 2017-02-09 21:41:38 +00:00
Bob Mottram 17f961a379 Bump profanity commits 2017-02-09 18:20:17 +00:00
Bob Mottram 57781ebcc0 Set profanity gpg key 2017-02-09 18:17:54 +00:00
Bob Mottram 4c8a862488 Use onion xmpp server for profanity 2017-02-09 16:10:58 +00:00
Bob Mottram 03c1fee44a Matrix domain certificate 2017-02-09 12:53:42 +00:00
Bob Mottram b94c1c9cae Re-enable matrix firewall 2017-02-09 12:43:54 +00:00
Bob Mottram f065fe9182 Enable tls on matrix homeserver 2017-02-09 12:42:06 +00:00
Bob Mottram fbfa151ab9 Remove webclient 2017-02-09 12:41:06 +00:00
Bob Mottram 7318f2288b Read matrix domain parameters 2017-02-09 12:26:03 +00:00
Bob Mottram c44180aa8e Use a separate domain for matrix homeserver 2017-02-09 11:34:58 +00:00
Bob Mottram 5fee9464d1 Remove matrix web client 2017-02-08 19:34:01 +00:00
Bob Mottram 7d143bce4d Don't use matrix firewall 2017-02-08 19:18:39 +00:00
Bob Mottram 486dd18fdb Different matrix port 2017-02-08 19:16:40 +00:00
Bob Mottram b0526a6eba Disable matrix web client 2017-02-08 18:21:29 +00:00
Bob Mottram 197920ffae Disable matrix web client 2017-02-08 17:50:24 +00:00
Bob Mottram e36ec5c0fb Avoid sydent generation step 2017-02-08 17:19:55 +00:00
Bob Mottram cc3321ab82 Try different sydent commit 2017-02-08 15:05:58 +00:00
Bob Mottram adeb17033f Set default sydent port 2017-02-08 14:46:52 +00:00
Bob Mottram d9a1c0d5e6 tls1 2017-02-08 11:13:05 +00:00
Bob Mottram 3ffa98507d sydent subdirectory 2017-02-07 18:22:07 +00:00
Bob Mottram 74bc2e2948 Wait for database creation 2017-02-07 16:29:51 +00:00
Bob Mottram 72e388ec37 Identity server returns 2017-02-07 16:21:19 +00:00
Bob Mottram 3c58c76dca Check if sydent was installed 2017-02-07 16:03:45 +00:00
Bob Mottram 18ec448cad No identity server 2017-02-07 16:00:01 +00:00
Bob Mottram 82d353e9d0 Remove directory contents if it exists 2017-02-07 15:52:29 +00:00
Bob Mottram 8960b0851a Remove directory contents if it exists 2017-02-07 15:48:54 +00:00
Bob Mottram e7b1951c53 Re-enable matrix homeserver 2017-02-07 13:50:25 +00:00
Bob Mottram 2b0c649f3f Bump omemo plugin commit 2017-01-31 21:08:08 +00:00
Bob Mottram df6bf73417 A few more xmpp domains 2017-01-31 20:42:48 +00:00
Bob Mottram abbb593ee6 Extra xmpp server 2017-01-29 18:35:08 +00:00
Bob Mottram ab8f0447fb Change message 2017-01-29 13:46:57 +00:00
Bob Mottram 3f720ed481 Exit string 2017-01-29 13:43:35 +00:00
Bob Mottram 1b8bdaccfe Exclude non list stuff 2017-01-29 13:42:16 +00:00
Bob Mottram fccbbfaf4e onion addresses for known xmpp servers 2017-01-29 13:37:13 +00:00
Bob Mottram f838417de0 gpg trust model 2017-01-26 00:04:42 +00:00
Bob Mottram 63f8de0023 Remove by key id 2017-01-25 23:11:14 +00:00
Bob Mottram 703e53ccf9 Get prosody nightly source from fbone repo
This ensures that the install is always consistent
2017-01-16 15:38:08 +00:00
Bob Mottram a8092322e4 Do rss modifications anyway 2017-01-16 15:16:51 +00:00
Bob Mottram 8408be4c25 Prosody nightly 2017-01-16 15:15:30 +00:00
Bob Mottram 08252a023a Bump profanity commit 2017-01-16 14:50:04 +00:00
Bob Mottram 72cfef8bb7 Avoid reporting pihole updates 2017-01-15 14:50:42 +00:00
Bob Mottram c1ac920a87 Commit after rss modifications 2017-01-15 13:33:17 +00:00
Bob Mottram 61ef4a3c35 Use hex numbers 2017-01-13 20:58:54 +00:00
Bob Mottram 1ada2d7a78 Domain blocking in FAQ 2017-01-13 20:19:20 +00:00
Bob Mottram 88a987446f Check that domains contain dots 2017-01-13 20:12:29 +00:00
Bob Mottram 27f819f4ef Add domain blocking to admin control panel 2017-01-13 19:57:19 +00:00
Bob Mottram 24db8ee43c Remove off-site links within ghost blog 2017-01-12 20:20:36 +00:00
Bob Mottram 8dacd26f16 Enable ghost privacy option
It's a pity this isn't the default
2017-01-12 18:55:34 +00:00
Bob Mottram 851ede2ae1 Proxy setting 2017-01-08 13:43:56 +00:00
Bob Mottram e67330354e Test for different string 2017-01-07 17:44:20 +00:00
Bob Mottram f2524741ed Ensure that PEP gets fixed after an upgrade 2017-01-07 12:00:33 +00:00
Bob Mottram 40ec74c329 Fix broken PEP in prosody 2017-01-07 11:56:07 +00:00
Bob Mottram 1f7165ece3 Test for emails with no subject lines 2017-01-07 11:13:24 +00:00
Bob Mottram bf40e04c80 Tidying 2017-01-06 11:33:19 +00:00
Bob Mottram bbd3a78570 No generic beaglebone setup 2017-01-05 23:21:58 +00:00
Bob Mottram a018577d19 boot setup for beaglebone black wireless 2017-01-05 23:12:34 +00:00
Bob Mottram 01936b3311 Wifi settings description 2017-01-05 15:07:46 +00:00
Bob Mottram d8d8ba5b0f Image target for the Beaglebone Black Wireless 2017-01-05 14:12:08 +00:00
Bob Mottram fffc1cfbe7 Clear temp files daily 2017-01-03 21:53:49 +00:00
Bob Mottram 27ec9e01e0 Revert rss to a commit of yore
This does not have the notorious 501 errors when proxying through Tor
2017-01-03 15:23:55 +00:00
Bob Mottram 3bdabf7bf2 Clear temporary files before upgrade 2017-01-03 14:26:45 +00:00
Bob Mottram 134bb2c129 More temp directory clearing 2017-01-03 14:24:31 +00:00
Bob Mottram 2826761fcb Remove any temp files before installs or upgrades 2017-01-03 14:07:54 +00:00
Bob Mottram 3b96ffd37f Check if matrix is installed 2017-01-03 14:01:52 +00:00
Bob Mottram c051ab2524 Bump rss commit 2017-01-03 13:47:56 +00:00
Bob Mottram fa83271da7 Set rss permissions after upgrades 2017-01-02 18:26:22 +00:00
Bob Mottram 08bec8c31c Remove matrix from selectable apps 2017-01-01 23:08:37 +00:00
Bob Mottram b39e2f7270 Shelve matrix for now
In tests it's too unreliable and appears not to work with standard browsers
2017-01-01 23:06:28 +00:00
Bob Mottram 278ac3ce28 Deprecate earlier matrix attempt 2017-01-01 23:04:59 +00:00
Bob Mottram 2632e5bad5 Handle onion only registrations 2017-01-01 22:03:46 +00:00
Bob Mottram 016db276bd Single quotes 2017-01-01 21:39:55 +00:00
Bob Mottram af25e3812f Quiet 2017-01-01 21:38:41 +00:00
Bob Mottram 4cb50a5b66 Back to v1 2017-01-01 21:35:21 +00:00
Bob Mottram 70b230294e No bracket 2017-01-01 21:24:22 +00:00
Bob Mottram 51c41cdbb8 TLS version 1.2 2017-01-01 21:20:32 +00:00
Bob Mottram 796560972b Don't change web config repeatedly 2017-01-01 21:05:07 +00:00
Bob Mottram eab55a3c49 Double quotes 2017-01-01 21:03:20 +00:00
Bob Mottram 4939d522f6 Separators 2017-01-01 20:59:04 +00:00
Bob Mottram 42e433934a matrix protocols 2017-01-01 20:55:57 +00:00
Bob Mottram 2778298607 Reorganize matrix 2017-01-01 20:40:08 +00:00
Bob Mottram 24e906dab5 Disable new registrations from clients 2016-12-31 18:44:35 +00:00
Bob Mottram 3700fde49e Server name 2016-12-31 16:24:23 +00:00
Bob Mottram 75cf4d62d6 Starting and stopping services 2016-12-31 16:02:44 +00:00
Bob Mottram a0972bab26 Backup and restore matrix identity server 2016-12-31 15:57:36 +00:00
Bob Mottram 347a172822 underscore 2016-12-31 15:54:00 +00:00
Bob Mottram 8b78504ac8 matrix server names 2016-12-31 15:07:33 +00:00
Bob Mottram 46140a6e74 Set mailpile permissions after upgrade 2016-12-31 14:49:36 +00:00
Bob Mottram 8bbd067efc sleep 2016-12-31 14:40:46 +00:00
Bob Mottram 721152d563 No sleep 2016-12-31 14:37:33 +00:00
Bob Mottram 86487b69ef Upgrade in a different place 2016-12-31 14:34:21 +00:00
Bob Mottram b7873b29ae Restart more things 2016-12-31 14:26:22 +00:00
Bob Mottram ec8a379e1d Set forwarded header 2016-12-31 14:16:58 +00:00
Bob Mottram 82ae5fb152 Change ssl protocol 2016-12-31 14:12:08 +00:00
Bob Mottram 9b8f9f1e20 Sleep less 2016-12-31 13:51:30 +00:00
Bob Mottram 8f2ba8a5f3 Matrix dependency 2016-12-31 13:51:00 +00:00
Bob Mottram 9622e848e4 Longer sleep 2016-12-31 13:35:03 +00:00
Bob Mottram f1edaf09ba sydent upgrade 2016-12-31 13:31:40 +00:00
Bob Mottram e50691d56e Sleep less 2016-12-31 13:04:05 +00:00
Bob Mottram 816008f576 Tidying 2016-12-31 13:02:54 +00:00
Bob Mottram ed7ab0f2e1 typo 2016-12-31 13:00:02 +00:00
Bob Mottram c1e6dd9efc No dash 2016-12-31 12:45:18 +00:00
Bob Mottram ca3a807fd2 Generate config in separate directory 2016-12-31 12:20:02 +00:00
Bob Mottram 323855a95b generate identity server config 2016-12-31 12:15:24 +00:00
Bob Mottram a54ce1af0c Remove additional proxies 2016-12-31 12:10:12 +00:00
Bob Mottram 7a966bb0a9 Fix identity server 2016-12-31 12:04:34 +00:00
Bob Mottram 377684646b Matrix identity server 2016-12-31 11:26:10 +00:00
Bob Mottram 50d539c363 Check last line 2016-12-31 00:01:39 +00:00
Bob Mottram a537f3f174 Remove condition 2016-12-30 23:59:08 +00:00
Bob Mottram 840c7d652d Sleep anyway 2016-12-30 23:57:44 +00:00
Bob Mottram c984d027f4 comment 2016-12-30 23:55:33 +00:00
Bob Mottram f0eb273dc6 Add sleep 2016-12-30 23:54:44 +00:00
Bob Mottram a788b7e901 No source 2016-12-30 23:32:15 +00:00
Bob Mottram f50846d0d3 Don't include url when adding user 2016-12-30 23:28:05 +00:00
Bob Mottram 51ab10094e Handle onion only installs of matrix 2016-12-30 23:16:21 +00:00
Bob Mottram 1d7ebc1585 Single quotes 2016-12-30 23:01:37 +00:00
Bob Mottram 418a8bb9d6 Format of proxying 2016-12-30 22:58:20 +00:00
Bob Mottram 433c502718 Handling of turn port in nginx 2016-12-30 22:53:23 +00:00
Bob Mottram f69aa5c050 No logging by default 2016-12-30 22:45:22 +00:00
Bob Mottram ea114b507b Set the turn pid file 2016-12-30 22:34:22 +00:00
Bob Mottram f9ae15fe97 Unambiguous database 2016-12-30 22:27:46 +00:00
Bob Mottram 6b8fcd0248 matrix config directories 2016-12-30 22:23:38 +00:00
Bob Mottram ae7c7fb8a2 Alter 2016-12-30 22:15:00 +00:00
Bob Mottram 55294ef465 Remove matrix nginx entry 2016-12-30 22:11:17 +00:00
Bob Mottram d6cf09973f Turn matrix logging on or off 2016-12-30 22:05:34 +00:00
Bob Mottram a289ba985e No logging by default 2016-12-30 22:00:48 +00:00
Bob Mottram 73098f00c1 Nothing fancy 2016-12-30 21:59:08 +00:00
Bob Mottram 883d483797 nginx config for matrix 2016-12-30 21:51:35 +00:00
Bob Mottram 39544a6b21 adding user 2016-12-30 20:47:04 +00:00
Bob Mottram 7f40edbd39 Try adding a user 2016-12-30 20:43:53 +00:00
Bob Mottram 07b224d9fe Matrix daemon tweaks 2016-12-30 20:39:30 +00:00
Bob Mottram 71c87f5a79 Don't add user 2016-12-30 20:24:04 +00:00
Bob Mottram 6ea77bde31 Update matrix certs 2016-12-30 20:00:50 +00:00
Bob Mottram 9ac187f036 database 2016-12-30 19:35:11 +00:00
Bob Mottram b8bfd084d8 Double brackets 2016-12-30 18:44:44 +00:00
Bob Mottram ac496b3fe3 restart mumble 2016-12-30 18:42:59 +00:00
Bob Mottram 952e283348 certs 2016-12-30 18:39:36 +00:00
Bob Mottram 3dc0d7f860 tidying 2016-12-30 18:38:09 +00:00
Bob Mottram bf8a858ff8 Fix mumble certs 2016-12-30 18:32:06 +00:00
Bob Mottram ff3e0783b0 Remove any earlier matrix config 2016-12-30 18:22:59 +00:00
Bob Mottram bcab0a806b Create matrix config 2016-12-30 18:06:23 +00:00
Bob Mottram 79634e54a4 Add user after config 2016-12-30 17:46:04 +00:00
Bob Mottram e478d0d0a2 Check size of homeserver config 2016-12-30 17:42:52 +00:00
Bob Mottram cdf9fb1cf2 Remove unused files 2016-12-30 17:34:30 +00:00
Bob Mottram 4660718b9c Check that user is added 2016-12-30 16:59:03 +00:00
Bob Mottram 42b4317c65 report stats 2016-12-30 16:53:24 +00:00
Bob Mottram dcd908b871 quotes 2016-12-30 16:48:17 +00:00
Bob Mottram 7d33d986f1 turn 2016-12-30 16:46:09 +00:00
Bob Mottram a8bb495760 turn stats off 2016-12-30 16:44:24 +00:00
Bob Mottram 3653430413 matrix build directory 2016-12-30 16:39:38 +00:00
Bob Mottram 30b3989951 Matrix variants 2016-12-30 16:16:15 +00:00
Bob Mottram af22235ae5 turn daemon 2016-12-30 16:14:41 +00:00
Bob Mottram e054b0658d matrix 2016-12-30 16:10:20 +00:00
Bob Mottram 126274a864 Comment 2016-12-30 16:04:35 +00:00
Bob Mottram 7d92b0fde0 Scripts directory 2016-12-30 16:03:40 +00:00
Bob Mottram da0e8fbcab Separate turn server 2016-12-30 15:52:46 +00:00
Bob Mottram 3f3e4ac41d Qvitter commit which doesn't block images 2016-12-30 14:51:33 +00:00
Bob Mottram d5913b32e1 Another matrix implementation 2016-12-30 14:50:52 +00:00
Bob Mottram 1274c0e877 Update qvitter commit 2016-12-30 13:05:25 +00:00
Bob Mottram 80d4f6e600 Warning about performance 2016-12-26 11:03:29 +00:00
Bob Mottram b1613b4152 Goblin image 2016-12-26 10:58:59 +00:00
Bob Mottram a85ffc6c81 Advice on file format 2016-12-26 10:54:13 +00:00
Bob Mottram 24bee4265c Ensure ghost permissions 2016-12-26 10:40:23 +00:00
Bob Mottram e080551639 Include ssh onion address as an email domain 2016-12-25 17:28:47 +00:00
Bob Mottram 97b564bd7a onion email configuration 2016-12-25 16:45:38 +00:00
Bob Mottram ec0a88980c Fix email fix 2016-12-25 15:25:57 +00:00
Bob Mottram b19334d0b9 Mention media hosting 2016-12-25 12:12:37 +00:00
Bob Mottram 31cd63be95 Mediagoblin documentation 2016-12-25 11:58:25 +00:00
Bob Mottram 3adc321f47 Permissions 2016-12-24 22:14:27 +00:00
Bob Mottram 8575817867 Improve mediagoblin daemon 2016-12-24 17:48:44 +00:00
Bob Mottram 00972ae5a6 mediagoblin port 2016-12-24 15:45:21 +00:00
Bob Mottram ddcc3b6cdb Set onion domain 2016-12-24 15:28:18 +00:00
Bob Mottram 0d7200b9d8 Set domain and commit 2016-12-24 15:26:29 +00:00
Bob Mottram 25d0c2c031 Permissions 2016-12-24 15:17:07 +00:00
Bob Mottram 983440dd28 Additional dependencies 2016-12-24 14:09:20 +00:00
Bob Mottram 008cbd36ef Directory 2016-12-24 12:48:28 +00:00
Bob Mottram d2427458e1 No transcoding for mime types supported within browsers 2016-12-24 12:31:29 +00:00
Bob Mottram 3201d4886f Longer timeouts 2016-12-24 11:52:25 +00:00
Bob Mottram 0f87bd0a43 Checkout a specific commit to avoid future chaos 2016-12-24 11:36:37 +00:00
Bob Mottram 9eca2e1e37 Fix mediagoblin verification emails 2016-12-24 11:33:35 +00:00
Bob Mottram 6593eaf809 mediagoblin smtp host 2016-12-23 22:42:27 +00:00
Bob Mottram 44cae2bd9a Also local 2016-12-23 22:26:09 +00:00
Bob Mottram 46d5099f50 Allow mediagoblin registrations to be disabled 2016-12-23 22:19:21 +00:00
Bob Mottram 58ba3aa693 No email debug 2016-12-23 22:14:18 +00:00
Bob Mottram 55eb22832e space 2016-12-23 21:49:29 +00:00
Bob Mottram f60e7bff09 No capital 2016-12-23 21:47:59 +00:00
Bob Mottram d80d1f6d74 python paster 2016-12-23 21:45:12 +00:00
Bob Mottram 0d1b4eb2d5 Fixing mediagoblin 2016-12-23 19:08:53 +00:00
Bob Mottram dba12100ac Adding and removing users 2016-12-23 16:11:57 +00:00
Bob Mottram 9c07b17bb4 sequence 2016-12-23 16:08:36 +00:00
Bob Mottram 1fa973dea2 mediagoblin admin user 2016-12-23 16:07:51 +00:00
Bob Mottram 1f886564dc mediagoblin daemon 2016-12-23 16:06:41 +00:00
Bob Mottram 96de1b786b Increase limits 2016-12-23 15:39:13 +00:00
Bob Mottram 84765f1d1c Another mediagoblin attempt 2016-12-23 15:36:57 +00:00
Bob Mottram 4e670e3859 Return to home 2016-12-22 15:07:02 +00:00
Bob Mottram d606b64b4e Documentation for bridges 2016-12-22 14:34:57 +00:00
Bob Mottram 953a33ee06 Quiet 2016-12-22 13:46:31 +00:00
Bob Mottram 454e48a53e Show tor bridge details on about screen 2016-12-22 13:44:01 +00:00
Bob Mottram 065394c83c Simpler tor bridge removal by nickname 2016-12-22 13:13:48 +00:00
Bob Mottram b322ea8436 Dialog width 2016-12-22 12:37:39 +00:00
Bob Mottram 5a1c828b7e Menu options for running a bridge 2016-12-22 11:30:44 +00:00
Bob Mottram 3c38b86fd6 no auto 2016-12-22 10:42:36 +00:00
Bob Mottram 2171555adf Functions for adding and removing bridge relays 2016-12-22 10:41:13 +00:00
Bob Mottram 2225963992 Capitalise 2016-12-22 09:44:22 +00:00
Bob Mottram d24d6ba000 Test domain gets modified 2016-12-21 21:55:50 +00:00
Bob Mottram cf4e137c25 Exit if upgrade fails 2016-12-21 21:51:56 +00:00
Bob Mottram 6751099b80 indentation 2016-12-21 20:10:31 +00:00
Bob Mottram 5723bf46ad Simplify 2016-12-21 20:07:42 +00:00
Bob Mottram 840c5f7976 Remove unused function 2016-12-21 20:05:00 +00:00
Bob Mottram 7ad43b6800 quotes 2016-12-21 19:40:28 +00:00
Bob Mottram e3ff98ce41 quotes 2016-12-21 19:33:55 +00:00
Bob Mottram 2712e1cedd echo 2016-12-21 19:28:35 +00:00
Bob Mottram 4fc45b542a Allow upgrades 2016-12-21 19:13:48 +00:00
Bob Mottram d06fce428a Return after echo 2016-12-21 18:44:26 +00:00
Bob Mottram 86e92e1a80 bump pihole commit 2016-12-21 18:33:25 +00:00
Bob Mottram 7fcac0659c Clear first 2016-12-21 16:57:31 +00:00
Bob Mottram 6e6f2a19b6 Exclude comments 2016-12-21 16:56:27 +00:00
Bob Mottram b6bf112e77 Capital 2016-12-21 16:48:33 +00:00
Bob Mottram fb30ca8de1 dialog height 2016-12-21 16:40:27 +00:00
Bob Mottram 39bb9075c1 Function name 2016-12-21 16:38:24 +00:00
Bob Mottram e1cca214bf Tor bridges accessible from control panel 2016-12-21 16:35:50 +00:00
Bob Mottram 65031279b2 Comment 2016-12-21 15:30:35 +00:00
Bob Mottram e36c962b7d Functions for tor bridges 2016-12-21 15:26:49 +00:00
Bob Mottram 877935aeca Title 2016-12-20 17:16:32 +00:00
Bob Mottram 757d473899 Title 2016-12-20 17:14:09 +00:00
Bob Mottram 75c68a785f Add quote 2016-12-20 16:27:58 +00:00
Bob Mottram 79c7f73fa7 Be clearer about which app 2016-12-20 16:22:52 +00:00
Bob Mottram e8c10f9461 Too many laters 2016-12-20 16:20:22 +00:00
Bob Mottram 0491cd0150 Add documentation for turtl 2016-12-20 16:16:37 +00:00
Bob Mottram 667a4517d9 dialog widths 2016-12-20 15:11:59 +00:00
Bob Mottram 32e380191e Return on exit 2016-12-20 15:10:48 +00:00
Bob Mottram 64c94be074 dialog height 2016-12-20 15:09:56 +00:00
Bob Mottram d5c55a8824 Hack to enable or disable turtl signups 2016-12-20 15:07:59 +00:00
Bob Mottram 25ab7c2fc4 quicklisp path 2016-12-19 22:57:45 +00:00
Bob Mottram 8ab5e3460b Use email address 2016-12-19 22:45:12 +00:00
Bob Mottram 6a986e96c1 Name of onion address 2016-12-19 22:31:20 +00:00
Bob Mottram f3dc531b20 Standard domain name 2016-12-19 22:07:39 +00:00
Bob Mottram 7fefb18bcb onion domain 2016-12-19 22:03:41 +00:00
Bob Mottram 7abc762bfc Remove turtl app 2016-12-19 21:50:37 +00:00
Bob Mottram 170210c99e Remove nodejs on turtl removal 2016-12-19 20:46:00 +00:00
Bob Mottram 670a166699 rethinkdb port and permissions 2016-12-19 20:07:15 +00:00
Bob Mottram 0962d621b5 Tidying 2016-12-19 19:18:44 +00:00
Bob Mottram b0c494b76d Remove old profanity package if it is present 2016-12-19 15:42:38 +00:00
Bob Mottram 7d7591f235 Compile profanity from source with omemo support 2016-12-19 15:40:35 +00:00
Bob Mottram e0021a05a6 Fix warnings 2016-12-18 23:05:42 +00:00
Bob Mottram 170be59379 Tidying 2016-12-18 19:24:38 +00:00
Bob Mottram f926bc170d site 2016-12-18 16:02:08 +00:00
Bob Mottram 38ce7665d1 Install turtl app 2016-12-18 15:54:20 +00:00
Bob Mottram 6ebb971fde Add turtl site 2016-12-18 15:34:18 +00:00
Bob Mottram 3213eb004c Move to unprivileged user 2016-12-18 12:51:03 +00:00
Bob Mottram 656656c260 Different quit 2016-12-18 10:54:35 +00:00
Bob Mottram 1537b1e459 Enter 2016-12-18 10:43:45 +00:00
Bob Mottram 0c42c8b202 Try without load 2016-12-18 10:23:57 +00:00
Bob Mottram a9b971b886 asdf in api directory 2016-12-18 10:07:44 +00:00
Bob Mottram c66ed696d2 Load asdf 2016-12-18 09:50:00 +00:00
Bob Mottram 37b2ac894c quicklisp location 2016-12-18 00:05:34 +00:00
Bob Mottram 82d57fa7fc Missing r 2016-12-17 23:50:56 +00:00
Bob Mottram f2c09321c6 turtl api 2016-12-17 23:48:20 +00:00
Bob Mottram cf016d04d3 Install script 2016-12-17 18:08:28 +00:00
Bob Mottram 9519b1a5ec Loading of quicklisp 2016-12-17 17:41:17 +00:00
Bob Mottram 965b3179dc rethinkdb config 2016-12-17 17:00:11 +00:00
Bob Mottram 85f6db39a3 More turtl config 2016-12-17 16:17:19 +00:00
Bob Mottram 98ca24a116 Missing js 2016-12-15 23:18:21 +00:00
Bob Mottram c610e588d2 Separate api and app 2016-12-15 23:11:43 +00:00
Bob Mottram 8e63379e0d turtl app 2016-12-15 20:20:12 +00:00
Bob Mottram 8009661cee Skip the end message dialog and go straight to reboot 2016-12-12 15:39:15 +00:00
Bob Mottram 9bf944efb0 Workaround for page reloading on gnusocial 2016-12-12 10:10:38 +00:00
Bob Mottram 6c5c9f49d6 Bump qvitter commit 2016-12-12 09:51:30 +00:00
Bob Mottram 4794c1d1b7 Ensure that install script is removed after upgrades 2016-12-11 13:16:22 +00:00
Bob Mottram 857ba54fa4 Bump postactiv commit 2016-12-11 13:11:04 +00:00
Bob Mottram 4e4140ed06 Note about phone numbers 2016-12-11 10:02:52 +00:00
Bob Mottram 71c86eeb60 List of apps 2016-12-10 23:56:14 +00:00
Bob Mottram b7ffd413c6 Improve mumble instructions 2016-12-10 15:19:30 +00:00
Bob Mottram 49051465e7 Extra logging when installing mesh 2016-12-09 20:07:19 +00:00
Bob Mottram b68472e6a6 Larger tmp randisk 2016-12-09 19:51:52 +00:00
Bob Mottram f1f65d61d2 Make mesh router drive read only after initial setup 2016-12-09 19:47:54 +00:00
Bob Mottram f12200edd5 Have a fixed nameserver list 2016-12-07 17:02:20 +00:00
Bob Mottram 7359cdd64a More dns nameservers 2016-12-07 16:57:57 +00:00
Bob Mottram 7c6db87b59 Return rather than exit so as not to block other upgrades 2016-12-07 12:45:06 +00:00
Bob Mottram 383a4cc2a0 Improve prosody upgrades 2016-12-07 12:14:33 +00:00
Bob Mottram 94a912a2d0 Restart after upgrade 2016-12-07 12:02:15 +00:00
Bob Mottram ba4db71e76 Ensure correct prosody binaries after upgrade 2016-12-07 09:16:38 +00:00
Bob Mottram 2475813aa0 Don't check daemons which link to /dev/null 2016-12-06 20:09:17 +00:00
Bob Mottram 41fbe7a9dc Change http limit 2016-12-06 16:22:01 +00:00
Bob Mottram 989c2326f7 prosody replace mod_privacy with mod_blocklist 2016-12-06 15:43:35 +00:00
Bob Mottram a4ba665017 Setting hostname in gajim 2016-12-06 11:20:02 +00:00
Bob Mottram f2f72193b8 Check default domain name is more than zero length 2016-12-05 16:01:19 +00:00
Bob Mottram 49f0bfa3fd rss 2016-12-04 22:15:02 +00:00
Bob Mottram 5b2fe2639c Double brackets 2016-12-04 22:07:42 +00:00
Bob Mottram 79323d4e88 Remove mobile directory 2016-12-04 22:05:09 +00:00
Bob Mottram 80db21af36 Remove any already existing onion service 2016-12-04 21:58:38 +00:00
Bob Mottram cbdd428a82 Double brackets 2016-12-04 21:55:57 +00:00
Bob Mottram 285fdcd181 Remove any existing onion service 2016-12-04 21:54:21 +00:00
Bob Mottram 96af60614e No well-known directory for gnusocial or postactiv 2016-12-04 18:44:24 +00:00
Bob Mottram 813558aaf2 mail domain 2016-12-04 18:05:33 +00:00
Bob Mottram 3c0200359a On failures wait for a keypress 2016-12-04 16:23:21 +00:00
Bob Mottram a3581a4ead Permissions 2016-12-04 13:51:25 +00:00
Bob Mottram 493eb2e6ed Index of the code 2016-12-04 13:41:37 +00:00
Bob Mottram bbb32e867b code lengths 2016-12-04 13:37:42 +00:00
Bob Mottram 80b87cce80 Permissions 2016-12-04 12:42:36 +00:00
Bob Mottram 56f1a09955 Setting gnusocial passwords 2016-12-04 12:28:45 +00:00
Bob Mottram 0825cdd1ed Check that file exists 2016-12-04 12:10:17 +00:00
Bob Mottram 9176ac12d7 Simpler master password 2016-12-04 10:23:24 +00:00
Bob Mottram daafbef7a1 Clear master password after use 2016-12-04 10:12:36 +00:00
Bob Mottram 4f752ec349 Create a master password for root 2016-12-04 10:09:41 +00:00
Bob Mottram ca7b84be97 Optionally specify master password 2016-12-04 10:00:30 +00:00
Bob Mottram 807d6055bf prefix 2016-12-03 23:13:19 +00:00
Bob Mottram 9447ec59d5 Move directory 2016-12-03 23:08:30 +00:00
Bob Mottram 212700c397 Pause 2016-12-03 23:03:41 +00:00
Bob Mottram 3c75f42a7e Install to /usr/bin 2016-12-03 23:01:58 +00:00
Bob Mottram b5fb76b2fc Try a delay 2016-12-03 22:46:27 +00:00
Bob Mottram 16c3735400 Remove directories 2016-12-03 22:44:20 +00:00
Bob Mottram 2325ec410b Permissions 2016-12-03 22:42:40 +00:00
Bob Mottram 2d326113d9 List config files on failure 2016-12-03 22:38:35 +00:00
Bob Mottram 1b99f30599 cat on fail 2016-12-03 22:33:48 +00:00
Bob Mottram 40c602d54a Use full paths 2016-12-03 22:29:16 +00:00
Bob Mottram 320e8dbf79 Use prosody nightly 2016-12-03 22:20:28 +00:00
Bob Mottram 4de0d8d544 Sane multi user limits 2016-12-03 19:43:52 +00:00
Bob Mottram 052b557053 Multi-user chat config 2016-12-03 19:13:35 +00:00
Bob Mottram 79bfa16557 prosody database 2016-12-03 18:45:39 +00:00
Bob Mottram c0009d1be9 If pem certs are not available 2016-12-03 18:40:48 +00:00
Bob Mottram 1d4959ccaa More ssl params 2016-12-03 18:35:30 +00:00
Bob Mottram 0d98b41182 Tidying 2016-12-03 18:23:30 +00:00
Bob Mottram dcb87eb63a Remove any local commands 2016-12-03 18:17:41 +00:00
Bob Mottram b309419a2d Remove directory 2016-12-03 18:00:14 +00:00
Bob Mottram 5c7ac4e375 Permissions 2016-12-03 17:57:00 +00:00
Bob Mottram 896806b6f2 modules not installed 2016-12-03 17:25:18 +00:00
Bob Mottram 18cc2fdb22 Indentation 2016-12-03 17:24:17 +00:00
Bob Mottram 1f6f1ea969 Don't try to install modules package 2016-12-03 17:20:59 +00:00
Bob Mottram a001b16d76 Try to register after restart 2016-12-03 17:18:19 +00:00
Bob Mottram e123a8a2f4 Different way of referencing prosody modules 2016-12-03 17:13:43 +00:00
Bob Mottram 32a481b057 More xmpp carbons 2016-12-03 13:11:07 +00:00
Bob Mottram 0f89aafbad Prosody permissions 2016-12-03 13:07:29 +00:00
Bob Mottram 1bb1019249 Include pubsub 2016-12-03 12:55:08 +00:00
Bob Mottram 3806f4e4e9 Ensure prosody permissions 2016-12-03 12:37:07 +00:00
Bob Mottram 274097865f Create directories sooner 2016-12-03 11:43:01 +00:00
Bob Mottram 0f227587bb Ensure that prosody directory is available 2016-12-03 11:40:11 +00:00
Bob Mottram f28b2081d1 Double quotes 2016-12-03 11:26:56 +00:00
Bob Mottram 6611449670 No quotes 2016-12-03 11:21:33 +00:00
Bob Mottram 42de0ace18 Improve xmpp config 2016-12-03 11:18:19 +00:00
Bob Mottram a2ba737286 Replace ssh heading 2016-12-02 22:24:58 +00:00
Bob Mottram 16577e9692 Link to mobile advice 2016-12-02 22:22:49 +00:00
Bob Mottram 3376dbb813 Change email advice 2016-12-02 22:21:42 +00:00
Bob Mottram 8d8ba4a788 dovecot permissions 2016-12-02 18:48:04 +00:00
Bob Mottram 7c6b6ae788 Bump mailpile commit 2016-12-02 14:13:14 +00:00
Bob Mottram 46a4f19698 Dovecot permissions 2016-12-02 12:41:48 +00:00
Bob Mottram 2b6abcaa62 Add mailpile to the mail group 2016-12-02 10:51:11 +00:00
Bob Mottram df8886a222 During interactive install bypass the app selecting stage
This will ensure that apps all get separate passwords assigned
2016-12-01 13:51:11 +00:00
Bob Mottram a9756f6baf Also check for successful mysql installation 2016-12-01 11:31:26 +00:00
Bob Mottram b94090b85e Drop the database on install failure 2016-12-01 11:17:33 +00:00
Bob Mottram 3695d6a138 Bump size of tmp 2016-12-01 10:53:40 +00:00
Bob Mottram 1c392150aa Show passes and fails 2016-12-01 10:47:04 +00:00
Bob Mottram 1a1e8826a6 Add STIG tests to the security menu 2016-12-01 10:41:48 +00:00
Bob Mottram 3ae78c3765 Optionally show all stig test passes 2016-12-01 10:38:23 +00:00
Bob Mottram 8e6edc7780 More generic sysctl patterns 2016-11-30 23:43:48 +00:00
Bob Mottram ac67e36611 Catch more sysctl comment patterns 2016-11-30 23:39:32 +00:00
Bob Mottram 28f5fe42c4 Lockdown after upgrades 2016-11-30 21:22:40 +00:00
Bob Mottram 4ed6e4ff7f Schedule daily STIG tests 2016-11-30 21:00:17 +00:00
Bob Mottram cf74c113cb Null passwords not permitted 2016-11-30 20:40:32 +00:00
Bob Mottram b0ed59de5f Remove messages when running STIG 2016-11-30 20:21:58 +00:00
Bob Mottram 0e47f66928 Test STIG separately and with no output if all tests pass 2016-11-30 20:20:13 +00:00
Bob Mottram 42d5bc9321 Move tmp to a ramdisk 2016-11-30 20:10:51 +00:00
Bob Mottram 8f11ab2102 Don't check bluetooth
In most cases it doesn't exist and if it does it gets turned off in the config
2016-11-30 19:36:01 +00:00
Bob Mottram fa9c3b6f22 Prefer bettercrypto cyphers 2016-11-30 19:16:27 +00:00
Bob Mottram 28e8155750 Modules aren't installed anyway 2016-11-30 18:27:07 +00:00
Bob Mottram b872f429c6 Invert logic 2016-11-30 18:08:58 +00:00
Bob Mottram 496f3cd4f2 Not needed, handled by unattended upgrades 2016-11-30 18:02:50 +00:00
Bob Mottram 3f0d9b7b82 Disable null passwords 2016-11-30 17:54:45 +00:00
Bob Mottram 05a6efe365 This only applies in a typical server scenario where there are lots of users on one machine 2016-11-30 17:48:31 +00:00
Bob Mottram 22a7378852 Exceptions 2016-11-30 17:44:43 +00:00
Bob Mottram e6d4f1af0c Logging is already minimised by default 2016-11-30 17:37:53 +00:00
Bob Mottram b88a3e867b Disable tipc 2016-11-30 17:24:05 +00:00
Bob Mottram 6b4dba4771 Disable rds 2016-11-30 17:21:22 +00:00
Bob Mottram 21a3edf51a Disable sctp 2016-11-30 17:18:22 +00:00
Bob Mottram c9f6fbd54f Disable dccp 2016-11-30 17:15:43 +00:00
Bob Mottram 82a57bc41c Don't accept redirects 2016-11-30 17:04:56 +00:00
Bob Mottram b9ad7e57a3 ipv6 can be used 2016-11-30 16:26:05 +00:00
Bob Mottram b399c50c26 More ip rules 2016-11-30 16:18:40 +00:00
Bob Mottram d4c07b2cc8 Improve check for ctrl-alt-del 2016-11-30 16:04:05 +00:00
Bob Mottram b106d14890 Single quotes 2016-11-30 15:46:04 +00:00
Bob Mottram 23f67f2426 Checking for ctrl-alt-del link 2016-11-30 15:43:31 +00:00
Bob Mottram 2fd24df9a1 Zero on success 2016-11-30 14:43:36 +00:00
Bob Mottram 73316797e3 Change rule to exclude nonexistent directory 2016-11-30 14:38:28 +00:00
Bob Mottram 8dfaa5d981 irc user directory 2016-11-30 14:25:27 +00:00
Bob Mottram 01c8ac8b60 Passwords are usually random so this doesn't apply 2016-11-30 14:00:44 +00:00
Bob Mottram f45f281dd4 Set lychee permissions 2016-11-30 13:55:41 +00:00
Bob Mottram 6090d6c84c Permission on tox node keys 2016-11-30 13:51:03 +00:00
Bob Mottram 5c79c584fc Set sticky bits 2016-11-30 13:40:17 +00:00
Bob Mottram 3f58fc17d2 exim/procmail command permissions 2016-11-30 13:12:15 +00:00
Bob Mottram b97ec3892b Dummy nologin command
To fix STIG error
2016-11-30 10:30:56 +00:00
Bob Mottram 7e9f249e11 radicale user directory 2016-11-30 10:23:58 +00:00
Bob Mottram 466dec4d89 Change function name 2016-11-30 09:41:56 +00:00
Bob Mottram c4de2e86d2 Add and remove groups when for users 2016-11-30 09:40:10 +00:00
Bob Mottram e51e1a9ce2 Help option 2016-11-30 09:36:12 +00:00
Bob Mottram 396b202982 Disable core dumps 2016-11-29 23:19:31 +00:00
Bob Mottram a76a4d22f9 Disk encryption is optional 2016-11-29 23:13:36 +00:00
Bob Mottram a25037f226 Firewall drops forwards 2016-11-29 23:10:55 +00:00
Bob Mottram 4eced972fd Install screen to enable console locking 2016-11-29 22:39:29 +00:00
Bob Mottram 20701521bb Simultaneous user logins 2016-11-29 22:19:46 +00:00
Bob Mottram 83ef278c13 Done via control panel 2016-11-29 22:13:03 +00:00
Bob Mottram 4a4fd7899f root mail 2016-11-29 22:12:02 +00:00
Bob Mottram 21d74c022d Zero on success 2016-11-29 22:01:33 +00:00
Bob Mottram 4b33bdf8fc Permissions in makefile 2016-11-29 21:53:20 +00:00
Bob Mottram 0cdefe53c2 Permissions in makefile 2016-11-29 21:52:12 +00:00
Bob Mottram f6fd2111e7 Ensure permissions on freedombone commands 2016-11-29 21:49:40 +00:00
Bob Mottram 9749cb43ce sudo permissions 2016-11-29 21:17:52 +00:00
Bob Mottram 11899c9904 Set command file permissions 2016-11-29 20:49:11 +00:00
Bob Mottram 8e9933725d Remove logins via serial console 2016-11-29 20:34:29 +00:00
Bob Mottram 7a66ad8571 Use tripwire 2016-11-29 20:17:00 +00:00
Bob Mottram 81ba396ae6 User management menu image 2016-11-29 19:45:28 +00:00
Bob Mottram 2fb341b487 In most cases the boot loader isn't grub 2016-11-29 19:34:24 +00:00
Bob Mottram 35d789f133 Limit the number of user logins 2016-11-29 19:30:36 +00:00
Bob Mottram c24e7a4d0c Reset user password tries from the control panel 2016-11-29 19:12:17 +00:00
Bob Mottram a686f2401c Limit number of login attempts 2016-11-29 18:10:27 +00:00
Bob Mottram b8b0637e13 Set maximum login attempts 2016-11-29 16:31:07 +00:00
Bob Mottram 5e7a01f193 Not applicable for random passwords 2016-11-29 15:36:46 +00:00
Bob Mottram f9d646cb31 Not applicable to random passwords 2016-11-29 15:34:51 +00:00
Bob Mottram de1eb3fe2c Passwords are randomly generated 2016-11-29 15:34:12 +00:00
Bob Mottram d6323eeaa8 Doesn't apply with this system 2016-11-29 15:32:56 +00:00
Bob Mottram f20c6aebf3 Ignore bogons 2016-11-29 15:31:50 +00:00
Bob Mottram e1a352919f No permissions on shadow most of the time 2016-11-29 15:00:40 +00:00
Bob Mottram 4b81fde030 Alter permissions when adding and removing users 2016-11-29 14:42:27 +00:00
Bob Mottram 0d568644e0 Set shadow permissions 2016-11-29 14:31:54 +00:00
Bob Mottram a9a2ade4cc Note about flakiness 2016-11-29 14:08:09 +00:00
Bob Mottram 63821d3c21 Disable deferred execution 2016-11-29 13:53:16 +00:00
Bob Mottram 8a844d3024 insecure locks test 2016-11-29 13:40:37 +00:00
Bob Mottram a3e4aaa57b Removing x11-common would remove some essential stuff, including emacs 2016-11-29 13:36:20 +00:00
Bob Mottram f5b3393a3b Set login umask 2016-11-29 13:31:36 +00:00
Bob Mottram 4add2899d7 Don't use postfix 2016-11-29 13:18:46 +00:00
Bob Mottram 4d0e030130 Disable nfs insecure locks 2016-11-29 13:16:53 +00:00
Bob Mottram e5b04a2d1f Don't lock inactive accounts 2016-11-29 13:07:47 +00:00
Bob Mottram cb87c06f90 Remove bluetooth 2016-11-29 13:01:00 +00:00
Bob Mottram bc6f387506 Don't disable avahi 2016-11-29 12:42:01 +00:00
Bob Mottram aa38f141c6 Not using postfix 2016-11-29 12:40:02 +00:00
Bob Mottram 1f0ac1f3ce Security Technical Implementation Guide tests based upon RHEL/hardenedlinux 2016-11-29 12:37:48 +00:00
Bob Mottram 95c758067a Link to domains from the index 2016-11-29 10:54:00 +00:00
Bob Mottram 55af2b4c9d Guide on domain names 2016-11-29 10:42:07 +00:00
Bob Mottram fccdf73c0f Quote 2016-11-28 19:23:41 +00:00
Bob Mottram 01cbac1123 Reconfigure exim 2016-11-28 14:38:52 +00:00
Bob Mottram dca0cb9b1b Default logging to 'no' 2016-11-28 14:05:30 +00:00
Bob Mottram 1c7b22ea1a Control exim logging 2016-11-28 14:03:49 +00:00
Bob Mottram ac5f91b6b6 Control exim logging 2016-11-28 13:41:31 +00:00
Bob Mottram c5423fa814 Absolute url 2016-11-26 19:49:56 +00:00
Bob Mottram d99e3e20d8 Link to mirror site 2016-11-26 19:46:53 +00:00
Bob Mottram 78a62568d6 Update mesh image filenames 2016-11-26 16:04:27 +00:00
Bob Mottram 57374c26f4 Insecure mesh image 2016-11-26 12:54:27 +00:00
Bob Mottram ef42ef56c0 Downloads link on readme 2016-11-25 23:53:32 +00:00
Bob Mottram 9b0cee5d2e Links to downloads 2016-11-25 23:50:50 +00:00
Bob Mottram 3cb446107a v2.00 2016-11-24 21:57:17 +00:00
Bob Mottram d525003192 image 2016-11-24 21:13:50 +00:00
Bob Mottram 8699d8940c Don't check postactiv daemons 2016-11-24 18:54:12 +00:00
Bob Mottram 4ea2433d3d Don't include commits as variables, since this makes upgrades hard 2016-11-24 18:37:10 +00:00
Bob Mottram b90a0038e3 Bump postactiv commit 2016-11-24 18:12:44 +00:00
Bob Mottram 7371b7260c Image width 2016-11-24 18:02:38 +00:00
Bob Mottram 0ffa9301a7 Image on readme 2016-11-24 18:01:13 +00:00
Bob Mottram 615d8162c5 image filename 2016-11-24 17:58:12 +00:00
Bob Mottram d1592a23b5 bbb board images 2016-11-24 17:56:03 +00:00
Bob Mottram 2784666962 Remove on failure 2016-11-24 15:44:37 +00:00
Bob Mottram e671e97c29 Remove on failure 2016-11-24 15:43:35 +00:00
Bob Mottram dda45dc829 Try different postactiv commit 2016-11-24 15:41:03 +00:00
Bob Mottram e710dfd7cf Mention password export 2016-11-24 14:59:01 +00:00
Bob Mottram ecef9b8229 Use project name variable 2016-11-24 14:35:28 +00:00
Bob Mottram d57e05f2f9 Include the option to format the drive during password export 2016-11-24 14:32:37 +00:00
Bob Mottram 2133adc407 Get app name 2016-11-24 14:17:40 +00:00
Bob Mottram d37e93f69b No spaces 2016-11-24 13:50:01 +00:00
Bob Mottram ea1227fbac Don't need any key 2016-11-24 13:46:20 +00:00
Bob Mottram 3fb6d9d109 Security menu option to export passwords 2016-11-24 13:44:42 +00:00
Bob Mottram 0d21105e81 Note on exporting passwords 2016-11-24 13:11:44 +00:00
Bob Mottram 11fcfafb3b Export passwords to keepass 2016-11-24 13:08:19 +00:00
Bob Mottram 90ec8c21f0 Fix marge conflicts 2016-11-24 11:09:15 +00:00
Bob Mottram bd74ed4be5 Switch to using master branch for installs and upgrades 2016-11-24 10:50:25 +00:00
Bob Mottram 851d44c5be Merge stockholm 2016-11-24 10:44:30 +00:00
Bob Mottram 21717b3acd Better naming to differentiate config files from user config 2016-10-24 22:31:56 +01:00
Bob Mottram d79ad89c16 Use a fixed obnam client name 2016-10-24 12:35:34 +01:00
Bob Mottram f17003d675 update to hubzilla 1.14 2016-10-13 10:07:18 +01:00
Bob Mottram e9949e8861
Don't pin certs 2016-08-30 19:45:22 +01:00
Bob Mottram d36e756982 pem used by letsencrypt 2016-08-27 16:29:37 +01:00
Bob Mottram aa91c908c3 Go version 2016-08-27 13:21:56 +01:00
Bob Mottram e98a8771dd gogs commit 2016-08-27 11:51:11 +01:00
Bob Mottram 460130f65c
Update hubzilla to 1.12 2016-08-24 15:35:49 +01:00
Bob Mottram 19a13521a7 Don't pin certs
The guidelines on how to do this properly are just too confusing
2016-08-10 10:30:29 +01:00
Bob Mottram 94310d176f Option to remove pinning from a domain 2016-08-09 12:10:21 +01:00
Bob Mottram 0a44b79e16 Pin certificates 2016-08-09 09:48:48 +01:00
Bob Mottram 2a31e5c4ad Option to pin all TLS certificates 2016-08-09 09:46:56 +01:00
Bob Mottram f81b895462
Fix pinning 2016-08-08 20:54:09 +01:00
Bob Mottram cab0d9315d
Merge branch 'master' of https://github.com/bashrc/freedombone 2016-08-08 20:25:45 +01:00
Bob Mottram 8b1f7c327b
Include backup pin for certificates 2016-08-08 20:25:15 +01:00
Bob Mottram 14a4d07090 Bump ttrss gnusocial plugin commit 2016-08-06 18:15:06 +01:00
Bob Mottram cf8ff7ea1b bump rss reader commit 2016-08-06 16:06:45 +01:00
Bob Mottram 7a6b115abf Fix ttrss local backup 2016-08-06 11:03:33 +01:00
641 changed files with 75591 additions and 26221 deletions

37
CONTRIBUTING.md Normal file
View File

@ -0,0 +1,37 @@
There are many ways to contribute.
# Software Testing
Currently there isn't any CI system and with the increasing number of apps there is always the need to test on different or new hardware. Pick some hardware. Try installing the system onto it.
* Are the instructions clear enough?
* Were there any failures during the install?
* Do any of the apps fail?
Reporting any failures, either as issues or by any other method is very useful.
# Physical Testing
Testing of the mesh system in various environments. What's the maximum range for a given wifi adapter? What type of cantennas or reflectors work best on an ultra-low budget? Which wifi adapters have free software drivers? What are the simplest antenna designs which are quickest to make? Perhaps antenna advice or example deployment descriptions could be part of the documentation.
# Documentation
* Improving descriptions of processes or apps
* Fixing spelling or typos
* Adding any documentation which might be missing
* Better screenshots for apps
* Translations for the website, within the *doc* subdirectory.
* Translations of the manpages with the *man* subdirectory.
# Artwork
The project doesn't have much of this. There are some desktop backgrounds within the *img/backgrounds* subdirectory which could be improved. Cute mascots and things like that can also help to attract interest. The mesh variant of the system has desktop icons which could also be better.
# Security Auditing
Looking for any obvious security mistakes, doing pentesting on an installed test system and reporting the results would be useful. There are already many STIG tests in the *tests* subdirectory, but having more wouldn't hurt.
# Campaigning
Ensuring that the internet doesn't become far less neutral than it already is. Encouraging ISPs not to have policies which ban people from running servers. Promoting and raising awareness that self-hosting is a thing which is actually useful. All of these activities are incredibly important to allow self-hosting to remain a viable possibility. ISPs are the bottleneck, and if they implement bad government mandated policies then it may become no longer practical or legal to run your own internet systems on your own hardware in your own home.
# Adding more apps or maintaining existing ones
Typically apps are pegged to a known good commit. One useful thing is to try recent commits and see if the app installs successfully. Do any new packages need to be installed, or old ones removed? See the developer's guide for how to add new apps to the system.
# Code Audit
It's all just bash scripts and the more eyeballs on it the more likely that mistakes will be found and fixed.
# Blogging
Just blogging about the project can help to inform people that decentralised systems exist and that they don't need to be trapped in the cloud services of $bigcorp. Even if you find some aspect of the project which sucks badly, blogging about it is one way to provide feedback which could lead to future improvements being made.

View File

@ -20,14 +20,16 @@ install:
mkdir -p ${DESTDIR}${PREFIX}/bin
mkdir -p ${DESTDIR}/usr/share/${APP}/base
mkdir -p ${DESTDIR}/usr/share/${APP}/apps
mkdir -p ${DESTDIR}/usr/share/${APP}/android-app
mkdir -p ${DESTDIR}/usr/share/${APP}/utils
mkdir -p ${DESTDIR}/usr/share/${APP}/avatars
mkdir -p ${DESTDIR}/etc/${APP}
cp src/${APP} ${DESTDIR}${PREFIX}/bin
rm -f ${DESTDIR}${PREFIX}/bin/${APP}-*
cp -r image_build/* ${DESTDIR}/etc/${APP}
cp img/backgrounds/${APP}_*.png ${DESTDIR}${PREFIX}/share
cp img/avatars/* ${DESTDIR}/usr/share/${APP}/avatars
cp src/* ${DESTDIR}${PREFIX}/bin
cp src/${APP}-controlpanel ${DESTDIR}${PREFIX}/bin/control
cp src/${APP}-mesh-batman ${DESTDIR}${PREFIX}/bin/batman
cp src/${APP}-backup-local ${DESTDIR}${PREFIX}/bin/backup
cp src/${APP}-backup-local ${DESTDIR}${PREFIX}/bin/backup2friends
@ -40,10 +42,16 @@ install:
mv ${DESTDIR}${PREFIX}/bin/${APP}-app-* ${DESTDIR}/usr/share/${APP}/apps
mv ${DESTDIR}${PREFIX}/bin/${APP}-utils-* ${DESTDIR}/usr/share/${APP}/utils
mkdir -m 755 -p ${DESTDIR}${PREFIX}/share/man/man1
cp man/${APP}.1.gz ${DESTDIR}${PREFIX}/share/man/man1
rm ${DESTDIR}${PREFIX}/share/man/man1/${APP}*.1.gz
cp man/*.1.gz ${DESTDIR}${PREFIX}/share/man/man1
cp man/${APP}-backup-local.1.gz ${DESTDIR}${PREFIX}/share/man/man1/backup.1.gz
cp man/${APP}-restore-local.1.gz ${DESTDIR}${PREFIX}/share/man/man1/restore.1.gz
cp img/android-app/*.png ${DESTDIR}/usr/share/${APP}/android-app
chown -R root: /usr/share/${APP}
chmod -R +r /usr/share/${APP}
# bash -c "./translate install"
/usr/local/bin/${APP}-prepare-scripts
uninstall:
rm -f ${PREFIX}/share/${APP}_*.png
rm -f ${PREFIX}/share/man/man1/backup.1.gz
@ -59,6 +67,9 @@ uninstall:
rm -f ${PREFIX}/bin/restorefromfriend
rm -f ${PREFIX}/bin/batman
rm -rf /etc/${APP}
rm -f ${PREFIX}/bin/control
rm -f ${PREFIX}/bin/controluser
rm -f ${PREFIX}/bin/addremove
bash -c "./translate uninstall"
clean:
rm -f \#* \.#* debian/*.substvars debian/*.log src/*~

View File

@ -1,21 +1,17 @@
<img src="https://github.com/bashrc/freedombone/blob/master/img/logo.png?raw=true" width=640/>
<img src="https://code.freedombone.net/bashrc/freedombone/raw/master/img/logo.png?raw=true" width=200/>
> _"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we dont control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment."_ -- Lucas Nussbaum
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things.
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.
You can run Freedombone on an old laptop or a single board computer. See the [list of installation methods](https://freedombone.net/installmethods.html). You can also use it to [set up a mesh network](https://freedombone.net/mesh.html) in your local area.
[Here's how](https://freedombone.net/homeserver.html).
Check out the [list of available apps](https://freedombone.net/apps.html) and [Frequently Asked Questions](https://freedombone.net/faq.html) section. Recent developments are also described on [the blog](https://blog.freedombone.net/tag/freedombone). You might also wish to know how to [backup and restore the system](https://freedombone.net/backups.html).
And here's how [on a Beaglebone Black](https://freedombone.net/beaglebone.html).
Disk images which can be cloned straight to USB or microSD drives are [available here](https://freedombone.net/downloads/images.txt) in [dat format](https://datproject.org).
Want to make a community mesh network which doesn't depend upon the internet?
If you find bugs, or want to add a new app to this system see the [Developers Guide](https://freedombone.net/devguide.html) and [Code of Conduct](https://freedombone.net/codeofconduct.html). There is a Matrix chat room available at *#fbone:matrix.freedombone.net* and an XMPP channel at *support@chat.freedombone.net*. The XMPP channel requires membership which you can ask for via [these contact details](https://freedombone.net/support.html).
[You can do that too](https://freedombone.net/mesh.html).
If you like this project and want to support continued development then [here's what to do](https://freedombone.net/support.html).
After installation it's possible that you might want some advice on how to run your system and set up apps to work nicely with it.
A dat version of the website is avalable at [dat://676db9db2e04a604ea6dbc798bb0d327a335c19b4856ac496ae4bb34e367633a/](dat://676db9db2e04a604ea6dbc798bb0d327a335c19b4856ac496ae4bb34e367633a/).
* [Apps available on the system](https://freedombone.net/apps.html)
* [General usage](https://freedombone.net/usage.html)
* [Frequently Asked Questions](https://freedombone.net/faq.html)
If you find bugs, or want to add a new app to this system see the [Developers Guide](https://freedombone.net/devguide.html).
<a href="https://code.freedombone.net/bashrc/freedombone/raw/stretch/website/EN/fdl-1.3.txt"><img src="https://code.freedombone.net/bashrc/freedombone/raw/master/img/gfdl.png?raw=true" width=80/></a>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 11 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 104 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 8.4 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 57 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 13 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 167 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 16 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 158 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 7.3 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 56 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 12 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 110 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 38 KiB

55
code-of-conduct.md Normal file
View File

@ -0,0 +1,55 @@
# Freedombone "Code of Conduct"
## Be respectful
In any Free Software project with more than one participant inevitably there may be people with whom you may disagree, or find it difficult to cooperate. Accept that, but even so, remain respectful. Disagreement is no excuse for poor behaviour or personal attacks, and a community in which people feel threatened is not a healthy community.
## Assume good faith
Freedombone Contributors have many ways of reaching our common goal of providing freedom respecting internet or mesh systems which may differ from your ways. Assume that other people are working towards this goal.
## Be collaborative
Freedombone is a moderately complex project, though nothing big and professional like GNU. It's good to ask for help when you need it. Similarly, offers for help should be seen in the context of our shared goal of improving the system.
When you make something for the benefit of the project, be willing to explain to others how it works, so that they can build on your work to make it even better.
## Try to be concise
If you're submitting documentation then keep in mind that what you write once could be read by many other people. To avoid TL;DR keep it as short and concise as possible. This will also reduce the amount of translations effort needed.
If you're discussing an issue or bug, try to stay on topic, especially in discussions that are already fairly large.
## Be open
Most ways of communication used within Freedombone (eg Matrix/XMPP) allow for public and private communication. Prefer public methods of communication for Freedombone-related messages, unless posting something sensitive.
This applies to messages for help, too; not only is a public support request much more likely to result in an answer to your question, it also makes sure that any inadvertent mistakes made by people answering your question will be more easily detected and corrected.
## No spamming
Posting of adverts or other off-topic content in Matrix/XMPP or other public systems used by the project will be considered a violation of the code of conduct.
## Respect others privacy
No stalking, unwanted personal attention, or unwelcome revealing or speculating about personal details of others.
In cases of sincere, good-faith curiosity about someones experience or identity, ask politely in a manner such that they will feel free to decline the request.
## No hostile communication
No insults, harassment (sexual or otherwise), condescension, ad hominem, threats, or other intimidation.
Condescension means treating others as inferior. Subtle condescension still violates the Code of Conduct even if not blatantly demeaning.
No stereotyping of or promoting prejudice or discrimination against particular groups or classes of people.
In cases where criticism of ideology or culture remains on-topic, respectfully discuss the ideas.
## In case of problems
While this code of conduct should be adhered to by participants, we recognize that sometimes people may have a bad day, or be unaware of some of the guidelines in this code of conduct. When that happens, you may reply to them and point out this code of conduct. Such messages may be in public or in private, whatever is most appropriate. However, regardless of whether the message is public or not, it should still adhere to the relevant parts of this code of conduct; in particular, it should not be abusive or disrespectful. Assume good faith; it is more likely that participants are unaware of their bad behaviour than that they intentionally try to degrade the quality of the discussion.
Serious or persistent offenders will be kicked from chat rooms and any of their subsequent patches will be unlikely to be upstreamed. In this context "serious" means that someone is causing others to feel unsafe or be unable to contribute, for whatever reason.
This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.

39
doc/EN/app_akaunting.org Normal file
View File

@ -0,0 +1,39 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, akaunting
#+DESCRIPTION: How to use Akaunting
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Akaunting
The Freedombone system isn't primarily aimed at companies or institutions, but if you're a one person company or freelancer then having the ability to run your own accounting system and keep the data private and also backed up is useful. Akaunting provides a nice web based system for small business accounts, and is also quite usable within a mobile web browser.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *akaunting*. Enter the subdomain that you which to use, such as *accounts.mydomain.net*, and optionally a FreeDNS code.
From the *Administrator control panel* select *Passwords* and look up the password for *mariadb*.
Now in a browser navigate to your subdomain. You will need to enter some details for the database. The password should be the mariadb one.
#+attr_html: :width 80% :align center
[[file:images/akaunting_setup.jpg]]
After that you'll need to enter a company name and an email address. You can make the administrator password anything you prefer, and a suggestion can be found within the *Passwords* section of the *Administrator control panel* under *akaunting*.
#+attr_html: :width 80% :align center
[[file:images/akaunting_setup_company.jpg]]
From then on the system should be usable. Accounts software can often be quite complex, and so you'll probably want to refer to the [[https://akaunting.com/docs][official documentation]] for details.

28
doc/EN/app_bdsmail.org Normal file
View File

@ -0,0 +1,28 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, bdsmail
#+DESCRIPTION: How to use BDS Mail
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* BDS Mail
BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existing email server which comes installed as default. It creates an extra folder within the Mutt client which allows you to send and receive email using [[https://en.wikipedia.org/wiki/I2P][i2p]] as the transport layer. This solves the problem of being blocked by dubious systems and also the problem of user friendly email encryption. If you're behind a hostile firewall which you don't control and which blocks all ports, this system is still likely to work. You can use GPG as an additional encryption layer if you prefer, but it's not strictly necessary because you already have the i2p public key system to ensure end-to-end security.
It's unlikely that many people will use this. If it's hard to persuade anyone to use GPG or Enigmail then it will be /next to impossible/ to persuade them to switch to BDS Mail unless they're already obsessive about technical security. However, this provides yet another option for reasonably secure communications if other methods fail or are untrustable.
* Installation
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Administrator controls* then *Add/Remove Apps* then *bdsmail*. It may take a while to install, due to the creation of keys.
After installation exit from *Administrator controls* back to the user control panel then select the option to *show your email address*. You will now have a new bdsmail address which ends with /.b32.i2p/. If you then select *Use Email* to run the Mutt email client you'll notice that you now have a folder called *i2p*. If you select that folder (move up and down with /CTRL+n/ or /CTRL+p/ and open with /CTRL+o/) you can then send email from your new address, or receive mail to it. Just like ordinary email, but with a more random-looking address.

29
doc/EN/app_bludit.org Normal file
View File

@ -0,0 +1,29 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, bludit, blog
#+DESCRIPTION: How to use Bludit
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Bludit
This is a databaseless blogging system which uses markdown files. It's not very complex and so there is not much to go wrong, and it should run well on any server hardware.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *bluit*. Enter the subdomain that you which to use, such as *blog.mydomain.net*, and optionally a FreeDNS code.
Now in a browser navigate to your subdomain. You will need to enter some details for the database. You'll be asked to provide an initial administrator password.
From there on it's all pretty straightforward. If you need to publish a draft the post status can be changed on a drop down list on the right hand side.

36
doc/EN/app_cryptpad.org Normal file
View File

@ -0,0 +1,36 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, cryptpad
#+DESCRIPTION: How to use CryptPad
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* CryptPad
#+attr_html: :width 80% :align center
[[file:images/cryptpad.jpg]]
This is similar to [[./app_etherpad.html][EtherPad]] but with better security and more document types which can be collaboratively edited in real time. It includes not just text editing but also creating presentations, voting and editing source code.
For added security this system is only available via an onion address, so you and your collaborators will need to be using Tor compatible browsers.
Enabling someone to edit a document is as simple as sending them the URL via a chat system. You can also send a read only URL for a document if you only want the recipient to be able to view but not edit.
Documents are stored locally within the browser of each user and the server just acts as a coordinator. No documents are stored on the server.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *cryptpad*. When that is complete go to *About this system* and look up the onion address. Enter that into a Tor compatible browser.
One thing to be aware of is that on this system registration and logins are disabled, so that only anonymous or pseudanonymous editing is available. This prevents anyone who discovers the onion address from then disabling your server by creating millions of accounts.

26
doc/EN/app_datserver.org Normal file
View File

@ -0,0 +1,26 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, dat, hypercored
#+DESCRIPTION: How to use datserver
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* datserver
[[https://datproject.org/][dat]] is a peer-to-peer system for distributing large files, such as operating system images or scientific data sets. The datserver app creates an instance of [[https://docs.datproject.org/server][hypercored]], which can then be used to host [[https://datproject.org/][dat files]] on your server, ensuring that they're always available to download.
dat is preferable to older ways of distributing files, such as ftp, because files are content addressable and can be seeded on multiple machines to provide greater speed and robustness. It also works nicely with the [[https://beakerbrowser.com/][Beaker browser]].
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Administrator controls* then *Add/Remove Apps* then *datserver*.
Once installed you can select *Administrator controls* then *App Settings* then *datserver* and add dat links to be served.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>DLNA</h1>
</center>
#+END_EXPORT
* DLNA
An easy way to play music on any mobile device in your home is to use the DLNA service. Copy your music into a directory called "/Music/" on an unencrypted USB thumb drive and then insert it into a USB socket on the Freedombone system.
@ -28,6 +23,4 @@ Select *Administrator controls* then *App Settings* then *dlna*. From there you
The system will scan the /Music/ directory, which could take a while if there are thousands of files, but you don't need to do anything further other than perhaps to log out by selecting *Exit* a couple of times.
If you have an Android device then go to F-Droid (if you don't already have it installed then it can be [[https://f-droid.org/][downloaded here]]) and search for *ControlDLNA*. On running the app you should see a red Debian icon which you can press on, then you may need to select "local". After a few seconds the list of albums or tracks should then appear and you can browse and play them.
The DLNA service will only work within your local home network, and isn't remotely accessible from other locations via the internet. That can be both a good and a bad thing. Another consideration is that there are /no access controls/ on DLNA services, so any music or videos on the USB drive will be playable by anyone within your home network.

View File

@ -6,19 +6,13 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Dokuwiki</h1>
</center>
#+END_EXPORT
* Dokuwiki
Dokuwiki is a wiki which stores its content in text files. Having no database makes maintaining it simpler, and it's not tied to any particular domain name so you can easily copy the files to a different domain if you need to.
* Installation
Log into your system with:
@ -26,7 +20,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *dokuwiki*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /wiki.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.

29
doc/EN/app_edith.org Normal file
View File

@ -0,0 +1,29 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, edith, notes
#+DESCRIPTION: How to use Edith notes
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Edith Notes
Edith notes is the simplest and quickest kind of notes system. It has no complicated user interface. Just enter your domain and a title and a note will be created. Everything typed is saved automatically.
The speed and minimalism of this type of notes system may make it suitable for things like shopping lists or distraction free writing.
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Administrator controls* then *App Settings* then *edith*. Enter a subdomain name, such as /notes.mydomain.com/, and optionally a freedns code. When the installation is complete you can then look up the password for the site within the *Passwords* section of the *Administrator control panel*, then navigate to the subdomain. Log in, then enter something like /notes.mydomain.com/testnote/ and start typing.
#+attr_html: :width 80% :align center
[[file:images/edith_notes.jpg]]
It is possible to turn off the login via *App Settings/edith* if you wish, but this will enable anyone on the internet to view or edit notes on your system, which could have obvious privacy or stability implications. From *App settings/edith* it's also possible to browse through your notes files.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Emacs</h1>
</center>
#+END_EXPORT
* Emacs
Emacs is a text editor popular with software developers or anyone who needs to take notes at high speed or be able to customise their editing environment to a high degree. When installed on Freedombone it can be used together the Mutt email client to edit new emails or if you need to manually edit configuration files.
@ -25,7 +20,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps*. If Vim is selected then you might want to unselect and uninstall it first, then select *emacs*.

View File

@ -6,17 +6,14 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Etherpad</h1>
</center>
#+END_EXPORT
* Etherpad
For collaborative document editing Etherpad is hard to beat. Just log in, choose a document title and then edit. Different users will appear in different colours, and can also chat in the sidebar. This is installed as a private system in which only users on your Freedombone server will be able to create and edit documents, so it's not open to any random users on the internet.
This is a well known system for real time collaborative editing of documents. Just log in, choose a document title and then edit. Different users will appear in different colours, and can also chat in the sidebar. This is installed as a private system in which only users on your Freedombone server will be able to create and edit documents, so it's not open to any random users on the internet.
If security is an especially important factor then you might also want to consider installing [[./app_cryptpad.html][CryptPad]] instead. It has more features and doesn't store any documents on the server.
* Installation
Log into your system with:
@ -25,7 +22,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *etherpad*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /wiki.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.

43
doc/EN/app_fedwiki.org Normal file
View File

@ -0,0 +1,43 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, fedwiki
#+DESCRIPTION: How to use Federated Wiki
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Federated Wiki
Federated wikis are a relatively new concept. There can be multiple copies of the same page on different servers and it's then easy to pick which version you prefer, or make something new. It's like wiki meets mashup meets federation, and so is different from many previous web paradigms and may take some recalibration of how you think the web should work.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *fedwiki*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /wiki.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
* Usage
First you'll need to get the login password, which can be found on the *Administrator control panel* under *Passwords* then *fedwiki*.
Navigate to your wiki site then click on the *lock icon* at the bottom of the screen and enter the password. It should then appear unlocked. If you don't unlock then any edits you make won't be saved.
There are a few things to know about using the federated wiki.
* You can edit by clicking on the *wiki* button at the bottom of the screen
* To edit a paragraph double click on it
* To remove a paragraph just delete all of its text
* Paragraphs can be dragged up and down to change their order, or moved between pages
* To add a new paragraph use the *+* button
* You can use left and right cursor keys to move through pages
* To claim/fork a page from another server click on the flag icon
* When done editing click on the *wiki* button again
* Different versions of the same page on different servers are represented by boxes at the bottom right of the screen. You can double click on them to see the different versions, and use the flag icon to fork if you prefer that version

40
doc/EN/app_friendica.org Normal file
View File

@ -0,0 +1,40 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, friendica
#+DESCRIPTION: How to use Friendica
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Friendica
Friendica is a federated social networking system. It can federate with other popular systems such as GNU Social and Diaspora. Currently Friendica only works on the clearnet and doesn't have an onion address.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *friendica*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /friendica.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Friendica. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your Friendica domain listed there. You can then navigate to your site in a browser.
On first visiting your Friendica site you'll see the login screen. The first thing you need to do is to select *register* to create a new Friendica administrator user. The first user on the system then becomes its administrator.
#+attr_html: :width 80% :align center
[[file:images/friendicaadmin.jpg]]
Friendica has numerous addons which you might want to explore. Select the small icon next to the search box and you will get to the administrator settings. Select *plugins* and you can then configure which ones you want. From the *site* settings you can also force all links to use SSL/TLS for added security.
You can have as many users register as you wish, but it's a good idea to close registrations once you don't need any more accounts in order to prevent millions of random users from the internet setting up home on your Friendica site and ruining the performance of your server. To do that go to the *Administrator control panel* and select *App Settings* then *friendica*. You can then choose the option to prevent new account registrations.

View File

@ -1,45 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, ghost
#+DESCRIPTION: How to use Ghost
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Ghost</h1>
</center>
#+END_EXPORT
Ghost is a blogging system which uses markdown formatted posts. It's quite simple to use, and also looks nice even on small mobile screens.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *ghost*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /blog.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Ghost. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your Ghost blog domain listed there along with an onion address. You can then navigate to your site in a browser.
To see the login password for your site go to *Passwords* on the *Administrator control panel* and select the appropriate username and app. The passwords will be different for each user and may not be the same as the password which you used to originally ssh into the system.
Navigate to https://yourghostblogdomain/ghost and click on *create your account*
Enter your email address, password and blog title.
When prompted to invite users click on *I'll do this later*
Under *Settings* on the *General* option you can set a description, background image and so on.

View File

@ -6,21 +6,22 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>GNU Social</h1>
</center>
#+END_EXPORT
* GNU Social
GNU Social is typically referred to as a microblogging system, although with a maximum post length much longer than Twitter it's really a sort of federated community blog with a stream-based appearance which also supports markdown formatting.
You can host your own GNU Social instance and then "/remote follow/" other users who may also be doing the same. With a federated structure this type of system is hard to censor or ban. Unlike Twitter, there are no bribed adverts pushed into your stream, and any trends happening are likely to be real rather than being manipulated by some opaque algorithm.
You should regard anything posted to GNU Social as being /public communication/ visible to anyone on the internet. There is a direct messaging capability between users but it's not particularly secure, so for one-to-one messages stick to better methods, such as XMPP with OTR/OMEMO or Tox.
You should regard anything posted to GNU Social as being /public communication/ visible to anyone on the internet. There is a direct messaging capability between users but it's not particularly secure, so for one-to-one messages stick to better methods, such as XMPP with OpenPGP/OMEMO or Tox.
Some general advice about life in the fediverse [[./fediverse.html][can be found here]].
#+attr_html: :width 100% :align center
[[file:images/gnusocial_pleroma.jpg]]
* Installation
Log into your system with:
@ -29,13 +30,12 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *gnusocial*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. You can also add a welcome message and background picture URL if you wish, although those things are optional. Typically the domain name you use will be a subdomain, such as /gnusocial.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for GNU Social. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your GNU Social domain listed there along with an onion address. You can then navigate to your site in a browser.
@ -45,20 +45,29 @@ Once you have logged in to GNU Social you may then want to select *Admin* and ch
GNU Social has a clutter-free mobile user interface which can be accessed via a Tor compatible browser (make sure to add a NoScript exception). Unlike similar proprietary sites there are no bribed posts.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/gnusocial_mobile.jpg]]
#+END_CENTER
* Switching user interfaces
A few web based user interfaces are available for GNU SOcial. They are selectable by going to the *Administrator control panel* and choosing *App settings* then *gnusocial*.
#+attr_html: :width 80% :align center
[[file:images/gnusocial_settings.jpg]]
* *Qvitter*: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived
* *Pleroma*: A modern and lightweight user interface
* *Classic*: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations.
* Using with Emacs
#+attr_html: :width 100% :align center
[[file:images/gnu-social-mode.jpg]]
If you are an Emacs user it's also possible to set up GNU Social mode as follows:
#+begin_src bash :tangle no
mkdir ~/elisp
git clone git://git.savannah.nongnu.org/gnu-social-mode ~/elisp/gnu-social-mode
sed -i 's|"http"|"https"|g' ~/elisp/gnu-social-mode/gnu-social-mode.el
sed -i 's|http:|https:|g' ~/elisp/gnu-social-mode/gnu-social-mode.el
sed -i 's|http?|https?|g' ~/elisp/gnu-social-mode/gnu-social-mode.el
git clone https://code.freedombone.net/bashrc/gnu-social-mode ~/elisp/gnu-social-mode
echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
echo "(require 'gnu-social-mode)" >> ~/.emacs
echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
@ -69,29 +78,43 @@ echo " gnu-social-password \"gnusocialpassword\")" >> ~/.emacs
And as a quick reference the main keys are:
| Key | Function |
|---------------+--------------------|
#+begin_src bash :tangle no
M-x gnu-social
#+end_src
The basics:
| i | Show icons |
| CTRL-c CTRL-s | Post status update |
| r | Repeat |
| F | Favourite |
| R | Reply to user |
| CTRL-c CTRL-h | Highlight |
| R | Reply to user |
| CTRL-c CTRL-r | Show replies |
| CTRL-c CTRL-f | Friends timeline |
| CTRL-c CTRL-v | View user profile |
Navigation:
* Sharing things
If you have the GNU Social microblogging system installed then it's also possible to share things or services between groups or with particular users. This can be useful for sharing items within a family, club or in a local sharing economy. Sharing things freely, without money, reveals the social basis at the root of all economics which money normally conceals or obscures.
| j | Next |
| k | Previous |
Click on "/share/" or "/my catalog/" and this will switch to a screen which allows you to enter details for things to be shared or wanted.
Showing timelines:
#+BEGIN_CENTER
[[file:images/sharings3.jpg]]
#+END_CENTER
| g | Current timeline |
| CTRL-c CTRL-a | Public timeline |
| CTRL-c CTRL-g | Group timeline |
| CTRL-c CTRL-t | Tag timeline |
| CTRL-c CTRL-k | Stop |
| CTRL-c CTRL-u | User timeline |
| CTRL-c CTRL-c | Conversation timeline |
| CTRL-c CTRL-o | Remote user timeline |
| CTRL-c CTRL-d | Post direct Message |
The "/catalog/" button then allows you to search for shared things within the federated network.
* Blocking controls
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_blocking.jpg]]
#+BEGIN_CENTER
[[file:images/sharings4.jpg]]
#+END_CENTER
The biggest hazard with GNU Social is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the *Administrator control panel* and selecting *Domain or User Blocking*, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
If you want to block a particular user then select *Block a domain or user* and enter the user in the format *username@domaintoblock* (similar to an email address).

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Gogs</h1>
</center>
#+END_EXPORT
* Gogs
Github is ok, but it's proprietary and funded by venture capital. If you been around on the internet for long enough then you know how this story eventually works itself out - i.e. badly for the users. It's really only a question of time. If you're a software developer or do things which involve the Git version control system then it's a good idea to become accustomed to hosting your own repositories, before the inevitable Github shitstorm occurs.
@ -27,7 +22,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *gogs*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /code.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>HTMLy</h1>
</center>
#+END_EXPORT
* HTMLy
HTMLy is a databaseless blogging system.
@ -25,7 +20,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *htmly*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /blog.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.

View File

@ -6,17 +6,12 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Hubzilla</h1>
</center>
#+END_EXPORT
* Hubzilla
Hubzilla is a web publishing and social network system which includes wiki, web pages, photo albums and file storage. It also has privacy controls which allow you to define who can see which content. It's possible to write posts and have them visible only to a group of friends (known as "/privacy groups/"), with the encryption being handled automatically.
Hubzilla is a web publishing and social network system which includes wiki, web pages, photo albums and file storage. It also has privacy controls which allow you to define who can see which content. It's possible to write posts and have them visible only to a group of friends (known as "/privacy groups/"), with the encryption being handled automatically. Currently Hubzilla only works on the clearnet and doesn't have an onion address.
* Installation
Log into your system with:
@ -25,18 +20,17 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *hubzilla*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /hub.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Hubzilla. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Hubzilla. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your Hubzilla domain listed there along with an onion address. You can then navigate to your site in a browser.
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your Hubzilla domain listed there. You can then navigate to your site in a browser.
On first visiting your Hubzilla site you'll see the login screen. The first thing you need to do is *register* a new user. The first user on the system then becomes its administrator.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/hubzilla_mobile.jpg]]
#+END_CENTER

57
doc/EN/app_icecast.org Normal file
View File

@ -0,0 +1,57 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, icecast
#+DESCRIPTION: How to use Icecast
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Icecast
Icecast enables you to run something like an internet radio station. So if you have multiple audio files and want to be able to stream those in sequence from a web site then this can be useful.
This system is available only via an onion address, which should mitigate the potential for copyright disputes over streamed content. By default it's only set up to stream to a small number of users so that it doesn't put too much stress on CPU or memory requirements, although you can increase the maximum limit if you have a more powerful system and enough bandwidth.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password. Select *Add/Remove Apps* then *icecast*.
If you then go to the *About* screen you'll see the onion address for Icecast and can navigate to it in a Tor compatible browser.
* Adding files to be streamed
There are two ways to get files onto the system: either via ssh or via a USB drive. File types can be *ogg, ogv, mp3 or mp4* format.
It may take a while for the files to import, especially on a low power single board computer, since any mp3 or mp4 files will be converted to ogg or ogv. If you want to speed this up then you could do this conversion manually on a laptop with ffmpeg before storing files onto the USB drive or uploading them via ssh.
** From a USB drive
Create a directory on the USB drive named *icestream* and copy your files into there. Plug the drive into your server.
Go to the *Administrator control panel*, select *App settings*, then *icecast*, then *Import stream files from USB drive*.
** Via ssh
Make a directory named *icestream* and copy your files into it. Then copy the directory to your server.
#+begin_src bash
scp -r -P 2222 icestream myusername@mydomain:/home/myusername
#+end_src
Log into your server with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Select *Administrator controls*, enter your password, then go to *App settings* followed by *icecast* and *Import stream files*. Choose the directory with up and down cursors to select.
* Access controls
By default anyone who happens to find your Icecast onion address can listen to your stream. If you only want it to be available to a few friends or family then you can add an extra login password.
Go to the *Administrator control panel*, select *App settings*, then *icecast*, then *Enable login for stream users*. Take a note of the password and you can give that out to whoever needs access, preferably via an encrypted chat app or sneakernet. If you need to copy and paste then hold the shift key while highlighting the password.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>IRC</h1>
</center>
#+END_EXPORT
* IRC
IRC is useful for multi-user chat. The classic use case is for software development where many engineers might need to coordinate their activities, but it's also useful for meetings, parties and general socialising.
@ -56,10 +51,12 @@ Enter first and second nicknames and check *connect to this network on startup*.
If you are using the ordinary domain name (clearnet/ICANN) then make sure that *Use SSL* is checked.
#+attr_html: :width 80% :align center
[[file:images/hexchat_setup_clearnet.jpg]]
If you are using the onion address then *use SSL* should be unchecked and the transport encryption will be handled via the onion address itself.
#+attr_html: :width 80% :align center
[[file:images/hexchat_setup.jpg]]
Within the *Password* field enter the password which can be found from the IRC menu of the *control panel*.

34
doc/EN/app_kanboard.org Normal file
View File

@ -0,0 +1,34 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, kanboard
#+DESCRIPTION: How to use KanBoard
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* KanBoard
Kanbans are one way of managing projects. They're traditionally used in businesses but can also be useful for personal TODO lists or within open source or DIY projects. If you have a list of things which need to be done and want to keep track of progress then this provides a way to do that.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *kanboard*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /kanban.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for KanBoard. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your KanBoard domain listed there along with an onion address. You can then navigate to your site in a browser.
The default login is username "admin" and password "admin". Obviously the first thing you'll need to do is log in and change the password, which can be done by going to "My Profile" on the drop down list on the right hand side.
For more details of how to use KanBoard see the [[https://kanboard.net/documentation][documentation here]].

61
doc/EN/app_keyserver.org Normal file
View File

@ -0,0 +1,61 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, keyserver
#+DESCRIPTION: How to use KEYSERVER
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* OpenPGP Key Server
The /web of trust/ is a nice idea, but how trustable is it? If you take a look at how many OpenPGP key servers are out there then there are a two or three main ones and not much else. Can you trust those servers? Who is maintaining them and how often? Is any censorship going on? How hard would it be for adversaries to get implants onto them? In terms of technology this infrastructure is quite old and it could have been neglected for a long time. Once vigilant maintainers might have turned lazy and gotten lax with server security, or been recruited over to the dark side.
For these kinds of reasons you might prefer to run your own web of trust infrastructure. In simple terms it's a database of GPG public keys which provides a way for users to /find out how to communicate with others securely via email/. You can meet in person and exchange public keys via sneakernet on USB drives, but most users of GPG don't do that. Instead they just download the public key for a given email address from one of the key servers.
#+attr_html: :width 80% :align center
[[file:images/keyserver.jpg]]
* Installation
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Add/Remove Apps* then *keyserver*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /keys.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for the Key server. If the certificate is obtained successfully then you will see a congratulations message.
* How to use it
Interaction with the web user interface is pretty minimal and obvious, but most likely you will also want to be able to use your keyserver from the commandline. To do that use the *--keyserver* option. For example to search for a key on your server:
#+begin_src bash
gpg --keyserver [your keyserver domain] --search-keys [email address]
#+end_src
Or to send a key to it:
#+begin_src bash
gpg --keyserver [your keyserver domain] --send-keys [email address or key ID]
#+end_src
Or to get a key:
#+begin_src bash
gpg --keyserver [your keyserver domain] --recv-keys [email address or key ID]
#+end_src
* Sync with other keyservers
Key servers avoid censorship or errors by gossiping between each other and cross referencing the data. You can define which other servers your key server will gossip with by going to the *Administrator control panel*, selecting *App Settings* then *keyserver* then *Sync with other keyserver*.
It's a good idea not to try to sync with the popular OpenPGP key servers, because those have gigantic databases which may make your server unstable and certainly would make it hard to create backups within a tractable amount of time. This option is mainly intended to sync with other Freedombone systems or small home servers within a particular community.
* Possible problems
OpenPGP key servers are not very well defended from flooding attacks. This means that an adversary could just upload a billion keys to destabilize the server and fill it with nonsense to make it unusable. Since key servers are /fully open to the public/ there isn't anything to prevent that from happening.
Within the Freedombone system there is a watchdog script which keeps track of the key server database size, and disables the key server if that gets too large. Apart from the usual firewall and web server traffic rate limits, this is a crude but probably practical way of defending against flooding.
If a flood attack does happen then really the only way to recover is to restore from the last known good backup, which can be done from the *Administrator control panel*.

71
doc/EN/app_koel.org Normal file
View File

@ -0,0 +1,71 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, koel, music
#+DESCRIPTION: How to use Koel
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Koel
This enables you to store your music on the Freedombone server and then access it from any internet connected device. If you just want to make music accessible within your home network then [[./app_dlna.html][DLNA]] is usually sufficient, but if you want to be able to play your music from anywhere then [[https://koel.phanan.net][Koel]] is a better option.
#+attr_html: :width 80% :align center
[[file:images/koel.jpg]]
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *koel*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /music.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
Go back to the *Administrator control panel*, select *Passwords* then *koel*. You can then use this password together with your email address to initially log in.
Once logged in go to settings and set the media path to */music*.
#+attr_html: :width 80% :align center
[[file:images/koelsettings.jpg]]
* Importing music
This app doesn't have any way to upload music and instead just expects that there will be a directory on the server containing music files. There are a couple of ways to get new music files onto the system: either by using ssh or by putting them onto a USB drive.
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_koel.jpg]]
** Via ssh
On your local system:
#+begin_src bash
scp -P 2222 -r ~/Music username@domainname:/home/username
#+end_src
This will copy anything files in your local Music directory to your home directory on the Freedombone system.
Now log in to your Freedombone system:
#+begin_src bash
ssh username@domainname -p 2222
#+end_src
And select *Administrator settings* followed by *App settings* then *koel*. Select *Import music from directory* then using up and down cursors select the directory and *press space* so that it appears in the selection box below. Select *Ok* and then the files will be moved to their final destination in the */music* directory.
** Via USB drive
Create a LUKS formatted USB drive. It's possible to do this by plugging a new USB drive into the Freedombone system then going to the *Administrator control panel*, selecting *App settings* then *koel* then *Format a USB drive*. You will need to specify a password, which in this case doesn't need to be anything highly secure.
Once the drive if formatted you can remove it and copy Music files onto it from other systems. Make sure the files are contained within a directory named *Music*.
Once you have music on a LUKS formatted USB drive then plug it into the Freedombone system. Go to the *Administrator control panel*, select *App settings* then *koel* then *Import music from USB drive*. Enter the password you used to create the drive and music files will then be copied.
** Synchronizing
To detect the imported files you might need to re-synchronize. Within Koel go to settings and then select *Scan*. Any imported files should then be available to play.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Lychee</h1>
</center>
#+END_EXPORT
* Lychee
Lychee is a simple and lightweight photo album for the web. Whether you're an amateur or professional photographer, or want to publish random holiday pics or cat pictures. Lychee just does what it says it does without any fuss. There is also a photo album feature within [[./app_hubzilla.html][Hubzilla]] if you need more sophisticated social photo sharing with individualised permissions.
@ -25,7 +20,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *lychee*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /code.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
@ -36,9 +31,8 @@ If you have just obtained a Lets Encrypt certificate as above then go to *About*
Within a browser navigate to your lychee domain name or onion address. It should look like this:
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/lychee_setup.jpg]]
#+END_CENTER
Within the *Administrator control panel* select *App Settings* and then *lychee*. This will show the initial login settings which you need to set up the database. To copy the password hold down the shift key, select the password then right click and copy.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Mailpile</h1>
</center>
#+END_EXPORT
* Mailpile
Mailpile provides a nice looking webmail interface suitable for use on desktop or mobile clients. It has good support for email encryption and makes that quite an simple process. At present it's usable but still has a few bugs and limitations. If you need a fully functional email client with comprehensive encryption support then either use Mutt or Thunderbird/Icedove.
@ -29,7 +24,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *mailpile*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /mail.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
@ -56,16 +51,16 @@ Uncheck *Detect Settings* and click *Next*.
Under *Sending Mail* select *local* or if you need to proxy outgoing email through your ISP's server select *SMTP/TLS* and enter the details, then click *Next*.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/mailpile_setup.jpg]]
#+END_CENTER
Under *Receiving files* select *IMAP*, the domain as *localhost*, port *143*, your username and password, then click *Next*. Astute readers may well be concerned that IMAP over port 143 is not encrypted, but since this is only via localhost communication between the Mail Transport Agent and Mailpile doesn't travel over the internet and port 143 is not opened on the firewall so it's not possible to accidentally connect an external mail client insecurely.
Under *Receiving files* select *IMAP*, the domain as *localhost*, port *143* and your username, then click *Next*. Astute readers may well be concerned that IMAP over port 143 is not encrypted, but since this is only via localhost communication between the Mail Transport Agent and Mailpile doesn't travel over the internet and port 143 is not opened on the firewall so it's not possible to accidentally connect an external mail client insecurely.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/mailpile_setup_keys.jpg]]
#+END_CENTER
Under *Security and Privacy* either select your existing encryption key or if you only get the option to create a new one then do so, then click *Add* or *Save*.
You will then be asked for a password. Confusingly, this won't be the password you gave initially when setting up Mailpile. It's the original *ssh password* which you used to set up the Freedombone system.
The process of importing your email should then occur, and can take some time.

52
doc/EN/app_matrix.org Normal file
View File

@ -0,0 +1,52 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, matrix
#+DESCRIPTION: How to use Matrix
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Matrix
#+attr_html: :width 100% :align center
[[file:images/matrix_riotweb.jpg]]
Matrix is a federated communications system, typically for multi-user chat, with end-to-end content security features. You can consider it to be like a modernized version of IRC chat where the crypto and access controls have been built in by default. At present Matrix is really only a creature of the clearnet and so there isn't any way to protect the metadata. Despite the talk of security the lack of metadata defenses make this really only suitable for public communications, similar to microblogging or public IRC channels.
Another consideration is that since matrix operates on the usual HTTPS port number (443) this may make it difficult for ISPs or governments to censor this type of communications via port blocking without significant blowback.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *matrix*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /matrix.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
* Initial setup
Go to the *Administrator control panel* and select *Passwords* then *matrix*. This will give you the password to initially log in to the system and you can change it later from a client app if needed.
Install the *Riot* app from *F-droid* on a mobile device. You can then log in with your username and password, making sure to select a custom server and then entering your Matrix domain name for both the main server and identity server.
Other client apps are available but are currently mostly only at the alpha stage. You can also install the [[./app_riot.html][Riot freedombone app]] if you need a user interface for desktops or laptops.
* DNS setup
It's recommended that you add an SRV record for Matrix to your DNS setup. How you do this will depend upon your dynamic DNS provider and their web interface. On FreeDNS on the subdomains settings in addition to the subdomain which you are using for the matrix server create an extra entry as follows:
#+begin_src text
Type: SRV
Subdomain: _matrix._tcp
Domain: [youdomain]
Destination: 10 0 8448 [yourmatrixsubdomain]
#+end_src
You may also want to make another entry with the same settings but replacing *tcp* with *udp*.
* Mobile app
If you're using the Riot mobile app to access your Matrix homeserver then you can significantly improve battery performance by going to the *settings* and changing *Sync request timeout* to 30 seconds and *Delay between two sync requests* to 600 seconds. Also turning off *msgs in group chats* will help, since it will avoid getting a notification whenever a group chat event happens, which then wakes up the screen.

View File

@ -0,0 +1,57 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, mediagoblin
#+DESCRIPTION: How to use Mediagoblin
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Mediagoblin
With Mediagoblin you can host video and audio content in a similar manner to the proprietary systems such as YouTube and SoundCloud. This system supports free media formats such as /webm/, /ogv/ and /ogg/. Another similar system which might be better fitted for small servers is [[./app_peertube.html][PeerTube]], since it uses webtorrent to distribute video files. Webtorrent will only work with WebRTC enabled browsers though.
When hosting media files you should take into consideration that since anyone on the internet can view your content then this could significantly increase your bandwidth usage and overall strain on the server. Also unless you are just hosting images then hardware such as the Beaglebone Black won't be powerful enough for a good user experience when either uploading or playing back videos. It's recommended that you use one of the more powerful quad (or more) core single board computers or an old laptop if you want to run Mediagoblin on it.
#+attr_html: :width 50% :align center
#+BEGIN_CENTER
[[file:images/mediagoblin.jpg]]
#+END_CENTER
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *mediagoblin*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. You can also add a welcome message and background picture URL if you wish, although those things are optional. Typically the domain name you use will be a subdomain, such as /media.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Mediagoblin. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
If you have just obtained a Lets Encrypt certificate as above then go to *About* on the administrator control panel and you should see your Mediagoblin domain listed there along with an onion address. You can then navigate to your site in a browser.
Create an account and verify it by returning to the *user control panel* opening the email client and looking for the Mediagoblin verification email. It will contain a link that you should follow to activate the account.
You should repeat that for however many accounts you want on the system and then go back to the *administrator control panel*, select *App Settings* then *mediagoblin* and turn off new registrations. This will prevent millions of spam accounts from being created by internet bots.
* File formats
It's a good idea to upload videos in /webm/ format. In that case Mediagoblin will skip the transcoding step (which can take hours for videos of non-trivial length) and the whole process will be quicker. Transcoding just converts whatever file format you submit into a standard resolution and file type. On your local system you can convert a video to webm with:
#+begin_src bash
ffmpeg -i myvideo.mp4 myvideo.webm
#+end_src
Or if you are moving a video from YouTube to your own site:
#+begin_src bash
youtube-dl -f webm [my_video_url]
#+end_src

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Mumble</h1>
</center>
#+END_EXPORT
* Mumble
Mumble is a well known VoIP system originally used for gaming, but which works just as well for any general conference calls or meetings.
@ -22,9 +17,22 @@ Mumble is a well known VoIP system originally used for gaming, but which works j
In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy.
* Using with Ubuntu
Within the software center search for "mumble" and install the client then run it. Skip through the audio setup wizard.
First ensure that tor is installed. Within a terminal:
Click on "add new" to add a new server and enter the default domain name for the Freedombone, your username (which can be anything) and the VoIP server password which can be found in the *Passwords* section of the *Administrator control panel*. Accept the self-signed SSL certificate if you don't have a Let's Encrypt certificate set up for your default domain. You are now ready to chat.
#+begin_src bash
sudo apt-get install tor
#+end_src
Within the software center search for "mumble" and install the client then run it. Skip through the audio setup wizard. Cancel the initial connection window.
From the menu select *Configure* then *Settings*. Select the *Advanced* checkbox then select *Network*. Select *Force TCP mode* and proxy type *Socks5*. Hostname should be set to *localhost* and port should be *9050*.
#+attr_html: :width 80% :align center
[[file:images/mumble_config.jpg]]
Select *Apply* and *Ok*, then on the menu *Server* and *Connect*.
Click on "add new" to add a new server and enter the *default domain name* for the Freedombone (currently the onion address isn't supported, but might be in future), your username (which can be anything) and the VoIP server password which can be found in the *Passwords* section of the *Administrator control panel*. Accept the self-signed SSL certificate if you don't have a Let's Encrypt certificate set up for your default domain. You are now ready to chat.
* Using with Android
Install [[https://f-droid.org/][F-Droid]]
@ -35,8 +43,8 @@ Search for and install Plumble.
Press the plus button to add a Mumble server.
Enter a label (which can be any name you choose for the server), the default domain name of the Freedombone or preferably the mumble onion address as shown on the *About* screen of the *Administrator control panel*, your username (which can also be anything) and the mumble password which can be found in the *Passwords* section of the *Administrator control panel*.
Enter a label (which can be any name you choose for the server), the default domain name of the Freedombone or preferably the mumble onion address as shown on the *About* screen of the *Administrator control panel*, your username (which can also be anything) and the mumble password which can be found in the *Passwords* section of the *Administrator control panel*. Leave the port number unchanged.
Open the settings. Select General, then Connect via Tor. This will provide better protection, making it more difficult for adversaries to know who is talking to who.
Open the settings. Select *General*, then *Connect via Tor*. This will provide better protection, making it more difficult for adversaries to know who is talking to who. If connecting through Tor is unreliable and causes crashes then unselect *Connect via Tor* on the *General settings* and then just use your ordinary domain name.
Selecting the server by pressing on it then connects you to the server so that you can chat with other connected users.

39
doc/EN/app_nextcloud.org Normal file
View File

@ -0,0 +1,39 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, nextcloud
#+DESCRIPTION: How to use NextCloud
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* NextCloud
#+attr_html: :width 100% :align center
[[file:images/nextcloud.jpg]]
NextCloud is a system for file synchronisation and also has many other plugins for calendar, videoconferencing, collaborative document editing and federated file sharing. It's a lot more elaborate than Syncthing, but there may be situations where centralized control of your files on your server is better than a purely peer-to-peer approach (eg. if you need to remove a user's access to files).
The videoconferencing plugin requires a browser with WebRTC support and so is unlikely to work in a Tor browser, but may still be a better option than using proprietary systems.
* Operational considerations
If your ISP or the government in your area is part of your threat model then NextCloud may not be the best choice for hosting files and [[./app_syncthing.html][Syncthing]] could be preferable. In the past the NextCloud company is known to have remotely scanned servers without permission and reported server admins who don't immediately update to the latest version of the software to their ISPs or to questionable government agencies. Depending upon where you are located such activities by the developer, which are not really in the spirit of independent self-hosting, could have very undesirable results.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *nextcloud*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /cloud.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
* Initial setup
Go to the *Administrator control panel* and select *Passwords* then *nextcloud*. This will give you the password to initially log in to the system and you can change it later from a client app if needed.
With a browser navigate to the domain which you gave during installation and log in.
You can also install the mobile client from F-droid.

49
doc/EN/app_peertube.org Normal file
View File

@ -0,0 +1,49 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, peertube
#+DESCRIPTION: How to use PeerTube
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+attr_html: :width 100% :align center
[[file:images/peertube.jpg]]
This is a video hosting system similar to Mediagoblin but using webtorrent to help distribute the files to or between clients. This should be more practical for situations where a video becomes popular because the load is then spread across the network, with performance increasing with the number of nodes. However, the torrenting aspect of it only works with WebRTC enabled browsers and so this means it's unlikely to fully work with a Tor browser. Without WebRTC then from a user point of view it's effectively the same thing as Mediagoblin.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *peertube*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /video.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
Although PeerTube can handle a few formats *webm* is the currently recommended one. Other formats might not play in some browsers or on some libre distros.
* Initial setup
Navigate to your site and select *Signup* to create a new account. By default the maximum number of accounts on your system is limited to a small number so that millions of random internet users can't then begin uploading dubious content. After that it's pretty straightforward.
If you wish it's possible to turn off further signups via the *Administrator control panel* under *App settings* for *peertube*.
* Importing videos from YouTube/Vimeo/Dailymotion
It's possible to import videos from the main proprietary video hosting sites. /Only do this if they're videos which you made, or if the license is Creative Commons/. Hosting arbitrary videos under nonfree licenses is likely to get you into trouble, and we know how that works out from the P2P wars of the 2000s (i.e. badly).
Go to the *Administrator control panel*, select *App settings* then *peertube* then *Import videos from YouTube/Vimeo/Dailymotion*. Enter your PeerTube login details and then you may specify either the individual video URL or the channel URL if you want to import a whole channel.
* Importing videos from your desktop
The most convenient way to add new videos to PeerTube is if you have the *syncthing* app installed. Set up [[./app_syncthing.html][syncthing]] with a folder called ~/Sync in your home directory. Create a subdirectory called *~/Sync/peertube_upload*. Within that directory make a text file called *login.txt*. This will contain your PeerTube login details.
The first line of login.txt should be your username, the second line should be the password and optionally the third line can contain the words *public* and/or *nsfw*, if you want to make imported videos immediately public or mark them as not suitable for work.
Prepare your videos preferably in *webm* format. Other formats may be poorly supported, especially on libre distros. To minimize bandwidth usage try to keep your videos as small as possible. Giant videos with incredibly high resolution tend to result in a bad user experience. Often just converting your videos to *webm* using *ffmpeg* will keep the size down.
Now copy or drag and drop your videos into the *~/Sync/peertube_upload* directory. Syncthing will sync to the server and automatically add the videos to PeerTube. Depending on how large the videos are this may take some time.
Imported videos can be seen by logging into PeerTube, selecting *My account* then the *My videos* tab. You can then view them, add a description and select to make them public if you wish.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>PI-Hole: The Black Hole for Web Adverts</h1>
</center>
#+END_EXPORT
* PI-Hole: The Black Hole for Web Adverts
Idiots who have an inflated sense of self-entitlement will tell you that it's /your moral duty/ to view their mind-numbingly tedious corporate ads on their web site or YouTube channel, or else their kids will starve and the sky will fall because their revenue stream will dry up. But that's bullshit. There is nothing intrinsic or morally mandatory about adverts propping up the livelihoods of netizens, and indeed a web not primarily based on advertising money might have been a much better and more interesting place by now, with a lot less spying.
@ -32,21 +27,33 @@ When that's done select *About this system* from the control panel and see the I
* On each client system within your local network
Make sure that you add the static IP address for the server to */etc/hosts*.
#+begin_src bash
STATIC_IP=[your server static IP]
sudo echo "$STATIC_IP [your domain name]" >> /etc/hosts
#+end_src
On Arch/Parabola:
#+begin_src bash
sudo pacman -S openresolv
sudo sed -i "s|#name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
sudo sed -i "s|name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
sudo chattr -i /etc/resolv.conf
sudo nano /etc/resolv.conf
sudo resolvconf -u
#+end_src
Comment out any existing entries with a # character and add:
Or on a Debian based system:
#+begin_src bash
nameserver [IPv4 address from the About screen]
#+end_src
Normally /resolv.conf/ will be overwritten every time your reboot, but you can prevent this with:
#+begin_src bash
sudo chattr +i /etc/resolv.conf
sudo apt-get install resolvconf
echo 'domain localdomain' > /tmp/resolvconf
echo 'search localdomain' >> /tmp/resolvconf
echo "nameserver $STATIC_IP" >> /tmp/resolvconf
sudo mv /tmp/resolvconf /etc/resolvconf/resolv.conf.d/head
sudo chattr -i /etc/resolv.conf
sudo resolvconf -u
#+end_src
* On your internet router

57
doc/EN/app_pleroma.org Normal file
View File

@ -0,0 +1,57 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, pleroma
#+DESCRIPTION: How to use Pleroma
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+BEGIN_QUOTE
"/The way to keep giant companies from sterilizing the Internet is to make their sites irrelevant. If all the cool stuff happens elsewhere, people will follow. We did this with AOL and Prodigy, and we can do it again./" -- Maciej Cegłowski
#+END_QUOTE
Pleroma is an OStatus and ActivityPub compatible social networking server, compatible with GNU Social, PostActiv and Mastodon. It is high-performance and so is especially well suited for running on low power single board computers without much RAM.
Some general advice about life in the fediverse [[./fediverse.html][can be found here]].
#+attr_html: :width 100% :align center
[[file:images/pleroma.jpg]]
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *pleroma*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /pleroma.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
* Initial setup
The first thing you'll need to do is to obtain your login details. From the *administrator control panel* select *security settings* then *passwords* then *pleroma*. This gives the password you will need to log in, together with the username you gave during installation of the Freedombone system.
Once you have done that then you can disable further registrations from the *Administrator control panel* by going to *App Settings* then *pleroma* then *Disable new account registrations*. This may take a while because the app gets recompiled afterwards.
* Mastodon user interface
If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once you have registered an account navigate to */yourpleromadomainname/web* and log in.
#+attr_html: :width 100% :align center
[[file:images/pleromamastodon.jpg]]
* Mobile apps
It's also possible to use Mastodon apps together with Pleroma, such as Tusky, since it supports the Mastodon API. You may need to install *IcecatMobile* and set it as your default browser (under *Settings/Apps/Menu*) in order for the initial oauth registration process to work.
#+attr_html: :width 50% :align center
[[file:images/tusky.jpg]]
* Blocking controls
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_blocking.jpg]]
The biggest hazard with Pleroma is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the *Administrator control panel* and selecting *Domain or User Blocking*, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
If you want to block a particular user then select *Block a domain or user* and enter the user in the format *username@domaintoblock* (similar to an email address).

View File

@ -6,18 +6,18 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>PostActiv</h1>
</center>
#+END_EXPORT
* PostActiv
PostActiv is a fork of [[./app_gnusocial.html][GNU Social]] which includes some extra fixes and optimisations to improve performance. It federates just like GNU Social does and so whether you choose GNU Social or PostActiv is really just down to personal prefernce.
Some general advice about life in the fediverse [[./fediverse.html][can be found here]].
#+attr_html: :width 100% :align center
[[file:images/postactiv_pleroma.jpg]]
* Installation
Log into your system with:
@ -25,7 +25,7 @@ Log into your system with:
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *postactiv*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /code.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
@ -37,3 +37,74 @@ If you have just obtained a Lets Encrypt certificate as above then go to *About*
To see the login password for your site go to *Passwords* on the *Administrator control panel* and select the appropriate username and app. The passwords will be different for each user and may not be the same as the password which you used to originally ssh into the system.
Navigate to your PostActiv domain name and log in.
* Switching user interfaces
A few web based user interfaces are available for PostActiv. They are selectable by going to the *Administrator control panel* and choosing *App settings* then *postactiv*.
#+attr_html: :width 80% :align center
[[file:images/postactiv_settings.jpg]]
* *Qvitter*: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived
* *Pleroma*: A modern and lightweight user interface
* *Classic*: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations.
* Using with Emacs
#+attr_html: :width 100% :align center
[[file:images/gnu-social-mode.jpg]]
If you are an Emacs user it's also possible to set up GNU Social mode, which is compatible with PostActiv. You can do that as follows:
#+begin_src bash :tangle no
mkdir ~/elisp
git clone https://code.freedombone.net/bashrc/gnu-social-mode ~/elisp/gnu-social-mode
echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
echo "(require 'gnu-social-mode)" >> ~/.emacs
echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
echo " gnu-social-server \"yourpostactivdomain\"" >> ~/.emacs
echo " gnu-social-username \"yourusername\"" >> ~/.emacs
echo " gnu-social-password \"postactivpassword\")" >> ~/.emacs
#+end_src
And as a quick reference the main keys are:
#+begin_src bash :tangle no
M-x gnu-social
#+end_src
The basics:
| i | Show icons |
| CTRL-c CTRL-s | Post status update |
| r | Repeat |
| F | Favourite |
| CTRL-c CTRL-h | Highlight |
| R | Reply to user |
| CTRL-c CTRL-r | Show replies |
| CTRL-c CTRL-f | Friends timeline |
| CTRL-c CTRL-v | View user profile |
Navigation:
| j | Next |
| k | Previous |
Showing timelines:
| g | Current timeline |
| CTRL-c CTRL-a | Public timeline |
| CTRL-c CTRL-g | Group timeline |
| CTRL-c CTRL-t | Tag timeline |
| CTRL-c CTRL-k | Stop |
| CTRL-c CTRL-u | User timeline |
| CTRL-c CTRL-c | Conversation timeline |
| CTRL-c CTRL-o | Remote user timeline |
| CTRL-c CTRL-d | Post direct Message |
* Blocking controls
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_blocking.jpg]]
The biggest hazard with PostActiv is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "/whole known network/" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the *Administrator control panel* and selecting *Domain or User Blocking*, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
If you want to block a particular user then select *Block a domain or user* and enter the user in the format *username@domaintoblock* (similar to an email address).

27
doc/EN/app_privatebin.org Normal file
View File

@ -0,0 +1,27 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, privatebin
#+DESCRIPTION: How to use PrivateBin
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* PrivateBin
This is an encrypted pastebin, such that the server has zero knowledge of the content. It's intended for small amounts of text less than 32K in length. It's not intended for transfering large files, or for storing pastes for more than a day.
Because this is completely open to any user on the internet you should be wary of the potential for DDoS, and only install this app if you really need to avoid using other pastebins or if other pastebin sites are censored or untrustable. There are traffic limits set within this app to attempt to minimize the potential for flooding attacks, but that might still not be sufficient in the worst cases.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *privatebin*. You'll need to enter your preferred subdomain - something like /paste.yourdomain.com/ and optionally a freedns code.

68
doc/EN/app_profanity.org Normal file
View File

@ -0,0 +1,68 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, profanity
#+DESCRIPTION: How to use the Profanity XMPP client
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Profanity
To install this app you will first need to install the [[./app_xmpp.html][XMPP server]].
The [[https://profanity.im][Profanity]] shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found.
#+BEGIN_SRC bash
ssh username@domain -p 2222
#+END_SRC
Then select *Run App* and then *profanity*.
Generate an [[https://en.wikipedia.org/wiki/Off-the-Record_Messaging][OTR]] key with:
#+BEGIN_SRC bash
/otr gen
#+END_SRC
Then to start a conversation using OTR:
#+BEGIN_SRC bash
/otr start otherusername@otheruserdomain
#+END_SRC
or if you're already in an insecure chat with someone just use:
#+BEGIN_SRC bash
/otr start
#+END_SRC
Set a security question and answer:
#+BEGIN_SRC bash
/otr question "What is the name of your best friends rabbit?" fiffi
#+END_SRC
On the other side the user can enter:
#+BEGIN_SRC bash
/otr answer fiffi
#+END_SRC
For the most paranoid you can also obtain your fingerprint:
#+BEGIN_SRC bash
/otr myfp
#+END_SRC
and quote that. If they quote theirs back you can check it with:
#+BEGIN_SRC bash
/otr theirfp
#+END_SRC
If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see [[https://www.profanity.im/otr.html][this guide]]
When accessed via the user control panel the client is automatically routed through Tor and so if you are also using OTR then this provides protection for both message content and metadata.

View File

@ -1,41 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, radicale
#+DESCRIPTION: How to use Radicale
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Radicale</h1>
</center>
#+END_EXPORT
Radicale is a calendar server which allows your to synchronise your calendar across all your devices. Support for CalDAV within various client systems can be quite patchy/flaky though, so use it with caution.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *radicale*. If you don't already have an SSL/TLS certificate for your main domain then go to the security settings and create a new Let's Encrypt cert for it. That will ensure that your calendar events have some minimal level of protection from passive surveillance.
* Setting up on Android
Via F-droid install *DAVdroid*.
There seems to be a problem with Let's Encrypt certificates with this app, but it's possible to get around it. Open DAVdroid and select the side *menu* followed by *Settings*. Enable *Distrust system certificates* and press *Reset untrusted certificates*.
Exit from settings and press the *plus button* to add an account. Select *Login with URL and user name*. The URL should be https://yourmaindomainname/radicale/. Remember to include the trailing slash on the URL. If you installed Freedombone from a disk image then enter your username and the password which was shown at the start of installation. If not then the password for Radicale will be within *Passwords* section of the *Administrator control panel*.
You will be prompted to approve the Let's Encrypt cerificate for your domain name, and once that's done then you should see your account as a large yellow box. Press on that and ensure that *Addresses* and *calendar* are selected.
Now go to your calendar app and press the plus icon to add an event. You should notice that the calendar account selected is your username on the Freedombone system.

31
doc/EN/app_riot.org Normal file
View File

@ -0,0 +1,31 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, riot
#+DESCRIPTION: How to use Riot Web
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Riot Web
#+attr_html: :width 100% :align center
[[file:images/riotweb.jpg]]
Riot Web is a browser based user interface for the [[./app_matrix.html][Matrix]] federated communications system. It allows you to do encrypted one-to-one or group chat, and has some fancy WebRTC features for voice and video conversations. The WebRTC stuff won't work in a Tor browser though. This type of system is fine for general public communications and collaboration on open source projects or gaming groups. For things which require real privacy though stick to XMPP with OMEMO.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *riot* and also make sure that *matrix* is selected or was previously installed. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /riot.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
* Initial setup
Go to the *Administrator control panel* and select *Passwords* then *matrix*. This will give you the password to initially log in using the Riot Web user interface. Log in, and that's it. Happy chatting.

28
doc/EN/app_rocketchat.org Normal file
View File

@ -0,0 +1,28 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, rocketchat
#+DESCRIPTION: How to use Rocketchat
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Rocketchat
Rocketchat is a chat system which is mainly suited for private chat with a few family and friends. It has some integration capability with other systems, but isn't federated as [[./app_xmpp.html][XMPP]] or [[./app_matrix.html][Matrix]] are. If you need high security then XMPP with Conversations is probably still the best option.
This system is only available for X86 architecture, so won't install on ARM boards but probably will on an old laptop.
* Installation
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Administrator controls* then *Add/Remove Apps* then *rocketchat*. Enter your domain name and freedns code if you're using freedns.
Navigate to your rocketchat domain and register an account. The first registration becomes the administrator. It's a good idea within the Rocketchat administration settings under *Accounts* to select *Registration* and *Manually Approve New Users*, then save. This will prevent millions of random internet users from creating accounts on your server.

View File

@ -6,21 +6,15 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>RSS Reader</h1>
</center>
#+END_EXPORT
* RSS Reader
The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/rss_reader_mobile.jpg]]
#+END_CENTER
* Finding the onion address
See the control panel for the RSS reader onion address.

45
doc/EN/app_searx.org Normal file
View File

@ -0,0 +1,45 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, searx, search
#+DESCRIPTION: How to use SearX metasearch
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* SearX
SearX is a metasearch engine. That means it returns results from other selected search engines. It's accessible via an onion address and provides a private search ability. Really the only advantage it gives you over searching directly from a Tor browser is the ability to customise your search experience.
In terms of security both the connection between you and the server, and the outgoing connection from the server to other search engines are onion routed. This should give you a reasonable level of search privacy.
#+attr_html: :width 100% :align center
[[file:images/searx.jpg]]
* Installation
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Administrator controls* then *Add/remove apps*. From there you can use cursor keys, space and enter keys to select *searx*.
Once it has installed go to *About* on the *Administrator control panel* and look for *searx*. Take a note of the onion address, and you can then enter that into a Tor compatible browser.
* Make it your default search
In a Tor browser click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "/Freedombone Metasearch/" and you can then right click on it and make it the default search.
* Enabling password login
It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
To enable password login go to the *Administrator control panel* then *App settings* then select *searx* and *Enable login*. If you select "yes" then the password will be displayed.
* Customization
It's also possible to customise the background image if you go to *App settings* then select *searx*.

29
doc/EN/app_smolrss.org Normal file
View File

@ -0,0 +1,29 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, smolrss, rss
#+DESCRIPTION: How to use Smol RSS
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Smol RSS
This is an extremely simple RSS reader which is available only from an onion address, so that you have /the right to read/. There is very little code and so not much attack surface, and it will scale to screens of any size. This should be a better reading experience on mobile than with [[./app_ttrss.html][tt-rss]].
A disadvantage is that you can only add or remove feeds via the Freedombone administrator control panel, so this isn't suitable for multi-user environments. But once you have your feeds set up it's trivial to use, and unless you publish the onion address confidentiality should be maintained.
* Installation
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomain.com -p 2222
#+END_SRC
Select *Administrator controls* then *Add/Remove Apps* then *smolrss*.
After installation within *Administrator controls* go to *App settings* then *smolrss*. You can then add some feeds or edit the existing feed list. There are a few default feeds as an example.
Within *Administrator controls* go to *About this system* and select *smolrss*. You will then have the onion address. Navigate to your reader in a Tor compatible browser. You may need to allow the site within NoScript. Then select a feed from the list and begin reading. That's all there is to it.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Syncthing</h1>
</center>
#+END_EXPORT
* Syncthing
Syncthing provides a similar capability to proprietary systems such as Dropbox, and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "/men in the middle/", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from.
@ -44,24 +39,25 @@ In another terminal log into Freedombone:
ssh username@domainname -p 2222
#+END_SRC
Then select *File Synchronization*.
Then select *Run an App* and *syncthing*.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_file_sync.jpg]]
#+END_CENTER
Select *Show device ID* and copy the long string of letters and numbers shown, using the shift key then select the text followed by right click then select copy.
Open a non-Tor browser and enter *http://127.0.0.1:8384* as the URL. You should now see the minimalistic user interface. Under *Remote Devices* select *Add Remote Device*. In the *Device ID* field paste the string you just copied (CTRL+v). The Device name can be anything. Under *Share Folders with Device* check *default* (or whatever folder you created on your local machine), then save.
#+BEGIN_CENTER
#+attr_html: :width 50% :align center
[[file:images/syncthing_browser.jpg]]
#+END_CENTER
From the top menu select *Actions* and then *Show ID*, then copy the ID string (usually select then CTRL+c). Go back to the terminal control panel menu and select *Add an ID* then paste what you just copied (CTRL+v). Optionally you can also provide a description so that you later can know what that string corresponds to.
Now wait for a few minutes. Eventually you will see two messages appear within the browser asking if you want to add two new folders from the Freedombone server. Say yes to both, and specify *~/Sync* as the directory with your username and *~/SyncShared* as the shared directory. You can now copy files into your *~/Sync* directory and they will automatically be synced to the server. Those will be files which only you can access. If you copy files into *~/SyncShared* then they will also be available to any other users on the system.
* Desktop app
If you're running Arch/Parabola there is a package called [[https://github.com/syncthing/syncthing-gtk][syncthing-gtk]] which provides a GTK GUI and an icon indicating whether synchronization is happening. This can be more convenient than using the browser interface.
* On Android
Install Syncthing and Connectbot from F-droid.

38
doc/EN/app_tahoelafs.org Normal file
View File

@ -0,0 +1,38 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, Tahoe-LAFS
#+DESCRIPTION: How to use Tahoe-LAFS
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Tahoe-LAFS
This is a robust system for encrypted file storage on one or more servers. Files are accessed via a URL which contains the public key with which it was encrypted.
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *tahoelafs*. This system is entirely based upon use of onion addresses and so no other domain names are needed.
* Initial setup
Get the login password for your Tahoe-LAFS system by going to *Passwords* on the *Administrator control panel* and selecting *tahoelafs*.
Go to the *About* screen on the *Administrator control panel* and look for the onion address for *tahoelafs* within the list of domains. Enter that into a Tor compatible browser. along with your username and the tahoelafs password. You can then use the interface to upload files and obtain URLs for them. The URL contains the public key needed to decrypt the file.
* Adding more servers
You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually.
#+attr_html: :width 50% :align center
[[file:images/controlpanel/control_panel_tahoelafs.jpg]]
Other servers will typically be Freedombone systems with Tahoe-LAFS installed. Your Tahoe-LAFS server settings can be found on the *About* screen of the *Administrator control panel*. Use an end-to-end encrypted chat app to copy and paste those details and send them to other friends. To add the server details go to *App settings* on the *Administrator control panel* then select *tahoelafs* and *Add server*.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Tox</h1>
</center>
#+END_EXPORT
* Tox
Tox is an encrypted peer-to-peer messaging system and so should work without Freedombone. It uses a system of nodes which act as a sort of directory service allowing users to find and connect to each other. The Tox node ID on the Freedombone can be found within *App Settings* under *tox* within the *Administrator control panel*. If you have other users connect to your node then you will be able to continue chatting even when no other nodes are available.
@ -27,6 +22,5 @@ ssh myusername@mydomain -p 2222
Then from the menu select *Run an app* followed by *tox*. Tox is encrypted by default and also routed through Tor, so it should be reasonably secure both in terms of message content and metadata.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/toxic.jpg]]
#+END_CENTER

46
doc/EN/app_turtl.org Normal file
View File

@ -0,0 +1,46 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, turtl, notes, images, sharing
#+DESCRIPTION: How to use Turtl
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Turtl
#+begin_quote
"/Now is a very important time in history. Every aspect of our lives is moving into the digital world faster than we realize. We use apps like Dropbox or Evernote because of their convenience, but in doing so we sacrifice our privacy. What data isn't sold to advertisers or stolen by hackers is carved up by government surveillance./"
#+end_quote
Turtl is a system for privately creating and sharing notes and images, similar to Evernote. It can be set up so that a small number of users on the server can share their notes in a convenient way. It doesn't have any web user interface, and you need to install native clients on mobile or laptop/desktop machines.
Since the data at rest is stored in PGP encrypted format this is a good system to use in cases where security really is a critical factor.
#+attr_html: :width 50% :align center
[[file:images/turtl.jpg]]
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *turtl*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /notes.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Turtl. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
The most common use case will be with Android devices. The Android app isn't currently available within F-droid (see [[https://turtlapp.com/faq][the FAQ]] for details) but can be [[https://turtlapp.com/download/][downloaded from the Turtl site]].
Run the downloaded native app then at the bottom of the screen select *advanced settings* and enter your turl domain name, then register a new account. The password can be anything you choose, but since the client side encryption depends upon having a good password make it a long random string generated by a password manager such as KeepassX.
You should then be able to log in and start using the app. You might also want to invite any other users of your Freedombone system to also sign up using the turtl domain name which you specified during installation.
* Locking it down
Once you have created accounts it's a good idea to turn off new turtl signups. This will prevent millions of random users on the interwebs from creating accounts on your system and killing your server, or possibly other nefarious security scenarios. Go to the *administrator control panel* and select *App Settings* then *turtl*. You will then be able to disable new user registrations and also set the data storage limit for users. If you need additional users later you can always temporarily re-enable signups.

78
doc/EN/app_vpn.org Normal file
View File

@ -0,0 +1,78 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, openvpn
#+DESCRIPTION: How to use OpenVPN on Freedombone
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* OpenVPN
#+begin_quote
"/The Net interprets censorship as damage and routes around it./" -- John Gilmore
#+end_quote
A Virtual Private Network (VPN) allows you to move your internet traffic to a different machine in a different geographical location by creating a private cryptographically protected route to that location. The usual use cases are to get around local censorship of the internet such as when you see the message "/this content is not available in your area/" when trying to play a video. Maybe you're on holiday and your hotel or workplace internet connection is censored. Using a VPN you can connect to your home server and then use the internet normally.
Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
* Installation
ssh into the system with:
#+BEGIN_SRC bash
ssh myusername@mydomainname -p 2222
#+END_SRC
Select *Administrator controls* then *Add/Remove apps* then *vpn*. Choose the port which you want the VPN to operate on and then the install will continue.
Only use ports 443 or 80 for VPN as an /absolute last resort/, since doing so will prevent other web based apps from running on your server.
* Usage
When the installation is complete you can download your VPN keys and configuration files onto your local machine.
#+begin_src bash
scp -P 2222 myusername@mydomainname:/home/myusername/client.ovpn .
scp -P 2222 myusername@mydomainname:/home/myusername/stunnel* .
#+end_src
You will need to ensure that the /openvpn/ and /stunnel/ packages are installed. On an Arch based system:
#+begin_src bash
sudo pacman -S openvpn stunnel4
#+end_src
Or on a Debian based system:
#+begin_src bash
sudo apt-get install openvpn stunnel4
#+end_src
Now you can connect to your VPN with:
#+begin_src bash
sudo stunnel stunnel-client.conf
sudo openvpn client.ovpn
#+end_src
You should see a series of messages with "/Initialization Sequence Completed/" showing at the end. Leave the terminal open and perhaps minimize it to remain connected to the VPN. To leave the VPN close the terminal window.
* Changing port number
Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
#+BEGIN_SRC bash
ssh myusername@mydomainname -p 2222
#+END_SRC
Select *Administrator controls* then *App Settings* then *vpn*. Choose *Change TLS port* and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the [[Usage]] section above.
* Generating new keys
It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the *Administrator controls* by going to *App Settings* then *vpn* then choosing *Regenerate keys for a user* and downloading the new keys as described in the [[Usage]] section above.

View File

@ -6,15 +6,10 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>XMPP/Jabber</h1>
</center>
#+END_EXPORT
* XMPP/Jabber
Most people know XMPP as "/Jabber/" and it's sometimes regarded and an old protocol once used by Google and Facebook but which is no longer relevant. However, it still works and if appropriately configured, as it is on Freedombone, can provide the best chat messaging security currently available.
@ -22,6 +17,8 @@ With regard to chat apps you might have read a lot of stuff about /end-to-end se
A well written article on the state of XMPP and how it compares to other chat protocols [[https://gultsch.de/xmpp_2016.html][can be found here]].
* Using with Profanity
You can install the [[./app_profanity.html][profanity app]] via *Add/remove apps* on the *Administrator control panel*. Logging in and then selecting *Run App* and *profanity* will start it.
* Using with Gajim
In mid 2016 [[https://gajim.org/][Gajim]] became the first desktop XMPP client to support the [[https://en.wikipedia.org/wiki/OMEMO][OMEMO end-to-end security standard]], which is superior to the more traditional [[https://en.wikipedia.org/wiki/Off-the-Record_Messaging][OTR]] since it also includes multi-user chat and the ratcheting mechanism pioneered by Open Whisper Systems. To install it:
@ -40,6 +37,8 @@ Open Gajim and enter your XMPP address and password.
Go to *Edit/Preferences* and select the *Advanced* tab. Under *Global Proxy* select *Tor* and the *Close* button. Then select *Edit/Plugins* and make sure that OMEMO is active (ticked), then select the *Close* button.
Go to *Edit/Accounts*, select your account then the *Connection* tab. Ensure that *Use custom hostname/port* is checked and enter your onion address there as the hostname (it can be found on the /About/ screen of the administrator control panel). Using the onion address will give you better protection against correlation attacks within the Tor network. Also under *Proxy* select *Tor*.
When you start a conversation make sure that the OMEMO box is ticked. You can also click on the keys button and trust various fingerprints. Both sides will need to do that before an encrypted chat can start.
If you wish to make backups of the OMEMO keys then they can be found within:
@ -50,59 +49,6 @@ If you wish to make backups of the OMEMO keys then they can be found within:
If you wish to use OpenPGP to encrypt your messages then go to *Edit/Accounts*, select your account and then the *Personal Information* tab. You can then choose your GPG key. When initiating a chat you can select the *Advanced* button and then select *Toggle OpenPGP Encryption*. OpenPGP is not as secure as OMEMO, but does allow you to use XMPP in a similar style to email in that the recipient of the message does not necessarily need to be online at the same time that you send it.
* Using with Profanity
The [[https://profanity.im][Profanity]] shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found.
#+BEGIN_SRC bash
ssh username@domain -p 2222
#+END_SRC
Then select XMPP. Generate an [[https://en.wikipedia.org/wiki/Off-the-Record_Messaging][OTR]] key with:
#+BEGIN_SRC bash
/otr gen
#+END_SRC
Then to start a conversation using OTR:
#+BEGIN_SRC bash
/otr start otherusername@otheruserdomain
#+END_SRC
or if you're already in an insecure chat with someone just use:
#+BEGIN_SRC bash
/otr start
#+END_SRC
Set a security question and answer:
#+BEGIN_SRC bash
/otr question "What is the name of your best friends rabbit?" fiffi
#+END_SRC
On the other side the user can enter:
#+BEGIN_SRC bash
/otr answer fiffi
#+END_SRC
For the most paranoid you can also obtain your fingerprint:
#+BEGIN_SRC bash
/otr myfp
#+END_SRC
and quote that. If they quote theirs back you can check it with:
#+BEGIN_SRC bash
/otr theirfp
#+END_SRC
If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see [[https://www.profanity.im/otr.html][this guide]]
When accessed via the user control panel the client is automatically routed through Tor and so if you are also using OTR then this provides protection for both message content and metadata.
* Using with Jitsi
Jitsi can be downloaded from https://jitsi.org
@ -125,9 +71,6 @@ Enter your username (username@domainname) and password.
Click on *Advanced* and make sure that *Encryption required* and *Ignore SSL certificate errors* are checked. Ignoring the certificate errors will allow you to use the self-signed certificate created earlier. Then click *Done* and set your Jabber account and Empathy to *On*.
* Using Tor Messenger
Tor Messenger is a messaging client which supports XMPP, and its onion routing enables you to protect the metadata of chat interactions to some extent by making it difficult for an adversary to know which server is talking to which. You can download Tor Messenger from [[https://torproject.org][torproject.org]] and the setup is pretty simple.
* Using with Android/Conversations
Install [[https://f-droid.org/][F-Droid]]
@ -147,3 +90,5 @@ Port: 5222
#+END_SRC
Then select *Next*. When chatting you can use the lock icon to encrypt your conversation. OMEMO is the recommended type of encryption. It's also going through Tor, so passive surveillance of the metadata should not be easy for an adversary.
It's also recommended to disable battery optimisations for Conversations and Orbot. If you don't do that then you may have trouble receiving messages or some parts of the protocol may break. That can be done by going to *Settings*, selecting *Battery* then opening the menu (top right) and selecting *Battery optimisations* then selecting *Not optimised* and *All apps*, then finally choosing Conversations and Orbot not to be optimised.

View File

@ -6,20 +6,38 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+begin_export html
<center><h1>Apps</h1></center>
#+end_export
#+begin_quote
"/In times of aggressive corporatization, increasing enclosure of communication spaces, and blanket surveillance, emancipatory communication practices appear to be particularly well suited to offer concrete alternatives to activists and citizens alike/" -- Stefania Milan
#+end_quote
The base install of the system just contains an email server and Mutt client, but not much else. In addition from within the *Administrator control panel* under *Add/remove apps* the following are installable. This list only applies on the home server version, with the mesh network version having a different and smaller set of apps.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_apps.jpg]]
#+END_CENTER
* Akaunting
A web based accounts system for small businesses or freelancers.
[[./app_akaunting.html][How to use it]]
* BDS Mail
It's like ordinary email, but with [[https://en.wikipedia.org/wiki/I2P][i2p]] as the transport mechanism.
[[./app_bdsmail.html][How to use it]]
* Bludit
This is a simple databaseless blogging system which uses markdown files. It should run well on any hardware.
[[./app_bludit.html][How to use it]]
* CryptPad
Collaborate on editing documents, presentations and source code, or vote on things. All with a good level of security.
[[./app_cryptpad.html][How to use it]]
* Datserver
Seed dat protocol files from your server to make them always accessible.
[[./app_datserver.html][How to use it]]
* DLNA
Enables you to use the system as a music server which any DLNA compatible devices can connect to within your home network.
@ -28,20 +46,30 @@ Enables you to use the system as a music server which any DLNA compatible device
A databaseless wiki system.
[[./app_dokuwiki.html][How to use it]]
* Edith
Extremely simple and distraction-free notes system.
[[./app_edith.html][How to use it]]
* Emacs
If you use the Mutt client to read your email then this will set it up to use emacs for composing new mail.
[[./app_emacs.html][How to use it]]
* Email Server
Since many apps require email registration an email server is installed by default. You can find advice on using the email system [[./usage_email.html][here]].
* Etherpad
Collaborate on creating documents in real time. Maybe you're planning a holiday with other family members or creating documentation for a Free Software project along with other volunteers. Etherpad is hard to beat for simplicity and speed. Only users of the system will be able to access it.
[[./app_etherpad.html][How to use it]]
* Ghost
Modern looking blogging system.
* Federated wiki
A new approach to creating wiki content.
[[./app_ghost.html][How to use it]]
[[./app_fedwiki.html][How to use it]]
* Friendica
Federated social network system.
[[./app_friendica.html][How to use it]]
* GNU Social
Federated social network. You can "/remote follow/" other users within the GNU Social federation.
Federated social network based on the OStatus protocol. You can "/remote follow/" other users within the GNU Social federation.
[[./app_gnusocial.html][How to use it]]
* Gogs
@ -56,6 +84,10 @@ Databaseless blogging system. Quite simple and with a markdown-like format.
Web publishing platform with social network like features and good privacy controls so that it's possible to specify who can see which content. Includes photo albums, calendar, wiki and file storage.
[[./app_hubzilla.html][How to use it]]
* Icecast media stream
Make your own internet radio station.
[[./app_icecast.html][How to use it]]
* IRC Server (ngirc)
Run your own IRC chat channel which can be secured with a password and accessible via an onion address. A bouncer is included so that you can receive messages sent while you were offline. Works with Hexchat and other popular clients.
@ -63,6 +95,18 @@ Run your own IRC chat channel which can be secured with a password and accessibl
* Jitsi Meet
Experimental WebRTC video conferencing system, similar to Google Hangouts. This may not be fully functional, but is hoped to be in the near future.
* KanBoard
A simple kanban system for managing projects or TODO lists.
[[./app_kanboard.html][How to use it]]
* Key Server
An OpenPGP key server for storing and retrieving GPG public keys.
[[./app_keyserver.html][How to use it]]
* Koel
Access your music collection from any internet connected device.
[[./app_koel.html][How to use it]]
* Lychee
Make your photo albums available on the web.
@ -71,38 +115,94 @@ Make your photo albums available on the web.
Modern email client which supports GPG encryption.
[[./app_mailpile.html][How to use it]]
* Matrix
Multi-user chat with some security and moderation controls.
[[./app_matrix.html][How to use it]]
* Mediagoblin
Publicly host video and audio files so that you don't need to use YouTube/Vimeo/etc.
[[./app_mediagoblin.html][How to use it]]
* Mumble
The popular VoIP and text chat system. Say goodbye to old-fashioned telephony conferences with silly dial codes. Also works well on mobile.
[[./app_mumble.html][How to use it]]
* NextCloud
Store files on your server and sync them with laptops or mobile devices. Includes many plugins including videoconferencing and collaborative document editing.
[[./app_nextcloud.html][How to use it]]
* PeerTube
Peer-to-peer video hosting. Similar to Mediagoblin, but the P2P aspect better enables the streaming load to be shared across servers.
[[./app_peertube.html][How to use it]]
* PI-Hole
The black hole for web adverts. Block adverts at the domain name level within your local network. It can significantly reduce bandwidth, speed up page load times and protect your systems from being tracked by spyware.
[[./app_pihole.html][How to use it]]
* Pleroma
Fediverse instance which is compatible with GNU Social and Mastodon, and suited for systems without much RAM or CPU resource.
[[./app_pleroma.html][How to use it]]
* PostActiv
An alternative federated social networking system compatible with GNU Social. It includes some optimisations and fixes currently not available within the main GNU Social project.
An alternative federated social networking system compatible with GNU Social, Pleroma and Mastodon. It includes some optimisations and fixes currently not available within the main GNU Social project.
[[./app_postactiv.html][How to use it]]
* Radicale
Calendar system compatible with CalDAV and CardDAV. Synch your calendar events easily and securely across all your devices.
* PrivateBin
A pastebin where the server has zero knowledge of the content being pasted.
[[./app_radicale.html][How to use it]]
* tt-rss
Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via an onion address. Have "/the right to read/" without the Surveillance State knowing what you're reading. Also available with a user interface suitable for viewing on mobile devices via a browser such as OrFox.
[[./app_privatebin.html][How to use it]]
* Profanity
A shell based XMPP client which you can run on the Freedombone server via ssh.
[[./app_rss.html][How to use it]]
[[./app_profanity.html][How to use it]]
* Riot Web
A browser based user interface for the Matrix federated communications system, including WebRTC audio and video chat.
[[./app_riot.html][How to use it]]
* Rocketchat
A non-federated chat server (x86 systems only).
[[./app_rocketchat.html][How to use it]]
* SearX
A metasearch engine for customised and private web searches.
[[./app_searx.html][How to use it]]
* Smol RSS
A very minimal RSS reader.
[[./app_smolrss.html][How to use it]]
* Syncthing
Possibly the best way to synchronise files across all of your devices. Once it has been set up it "just works" with no user intervention needed.
[[./app_syncthing.html][How to use it]]
* tt-rss
Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via an onion address. Have "/the right to read/" without the Surveillance State knowing what you're reading. Also available with a user interface suitable for viewing on mobile devices via a browser such as OrFox.
[[./app_rss.html][How to use it]]
* Tahoe-LAFS
Robust and encrypted storage of files on one or more server.
[[./app_tahoelafs.html][How to use it]]
* Tox
Client and bootstrap node for the Tox chat/VoIP system.
[[./app_tox.html][How to use it]]
* Turtl
A system for privately creating and sharing notes and images, similar to Evernote but without the spying.
[[./app_turtl.html][How to use it]]
* Vim
If you use the Mutt client to read your email then this will set it up to use vim for composing new mail.
* Virtual Private Network (VPN)
Set up a VPN on your server so that you can bypass local internet censorship.
[[./app_vpn.html][How to use it]]
* XMPP
Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as /client state notification/ to save battery power on your mobile devices, support for seamless roaming between networks and /message carbons/ so that you can receive the same messages while being simultaneously logged in to your account on more than one device.
[[./app_xmpp.html][How to use it]]
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

100
doc/EN/armbian.org Normal file
View File

@ -0,0 +1,100 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, debian, armbian, sbc
#+DESCRIPTION: Installing Freedombone on Armbian
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+begin_quote
"/we are the music makers, we are the dreamers of dreams. cyberpunks and pirates. chaotic spectres haunting cyberspace. engineers, artists, hackers./"
#+end_quote
If you have a single board ARM computer which isn't one of the supported ones then you can probably still install Freedombone onto it if it has a [[https://www.armbian.com/download/][Debian Stretch Armbian image]] available for it.
Download the Armbian image for your board. It must be version 9 (Stretch), otherwise it won't work. Extract the image from its archive, then copy it to a microSD card:
#+begin_src bash
sudo dd bs=32M if=[Armbian .img file] of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
Where */dev/sdX* is the path for the microSD drive on your system.
When that's done use a tool such as *Gparted* to resize the partition on the microSD card to fill up any remaining available space.
Insert the microSD drive into your ARM board, connect it to your internet router with an ethernet cable and plug in the power.
The board should then show up somewhere on your local network. You can log into your internet router to see what devices are connected and obtain the local IP address for the board that way, or use a network scanning tool.
Once you know the local IP address of your ARM board then you can log into it with:
#+begin_src bash
ssh root@[local IP address]
#+end_src
Using the default Armbian password of *1234*. You should see the Armbian welcome message and will be asked to change the password, then create a new user account.
#+attr_html: :width 80% :align center
[[file:images/armbian_setup.jpg]]
When the user account is created type *exit* to leave the ssh session then log back in with your new user account.
#+begin_src bash
ssh myusername@[local IP address]
#+end_src
Become the root user:
#+begin_src bash
sudo su
#+end_src
Then clone the Freedombone repository and checkout the stretch development branch.
#+begin_src bash
apt-get -y install git dialog build-essential
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stretch
#+end_src
If you can't obtain a copy of the source code from *code.freedombone.net* (maybe the server is down) then you may still be able to obtain it with:
#+begin_src bash
dat clone dat://e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e/
cd e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e
tar -xzvf freedombone.tar.gz
cd freedombone
git checkout stretch
#+end_src
Install the Freedombone commands:
#+begin_src bash
make install
#+end_src
And now you can begin installing the Freedombone system. There are two ways of doing this. If you already own a domain name which you want to use then run:
#+begin_src bash
freedombone menuconfig
#+end_src
Alternatively, if you don't own a domain name, don't have administrator access to your internet router or if you want to be able to access your sites only via onion addresses then run:
#+begin_src bash
freedombone menuconfig-onion
#+end_src
You will then be taken through a few questions and the system will install. Afterwards you'll be able to log into your system with:
#+begin_src bash
ssh myusername@freedombone.local -p 2222
#+end_src
Then select *Administrator options*. If you chose the first install option using a domain name then go to *Show Firewall* and make sure that the ports shown are forwarded from your internet router to your ARM board.
You can then [[./apps.html][add or remove apps]] as needed.

View File

@ -1,20 +1,15 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, backup
#+DESCRIPTION: How to make backups on Freedombone
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Backups</h1>
</center>
#+END_EXPORT
* Backups
#+BEGIN_CENTER
#+ATTR_HTML: :border -1
@ -68,7 +63,7 @@ Enter the LUKS password for the USB drive. When the restore is complete you can
* Distributed/remote backups
Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the *adduser <username>* command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OTR. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you.
Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the *adduser <username>* command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OpenPGP/OMEMO. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you.
#+BEGIN_SRC bash
ssh username@domainname -p 2222

View File

@ -6,40 +6,36 @@
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Installing Freedombone on a Beaglebone Black</h1>
</center>
#+END_EXPORT
* Installing Freedombone on a Beaglebone Black
The Beaglebone Black is small, cheap, a fully open hardware design, has a hardware random number generator and consumes very little electrical power, making it suitable for all kinds of uses.
The Beaglebone Black is small, cheap, a fully open hardware design, has a hardware random number generator and consumes very little electrical power, making it suitable for all kinds of uses. There is also a wireless version.
You can easily use one to run your own internet services from home.
#+BEGIN_CENTER
[[file:images/bbb_above.jpg]]
#+END_CENTER
#+attr_html: :width 50% :align center
[[file:images/bbb_board.jpg]]
You will need:
* A Beaglebone Black. The exact revision of the hardware isn't very important, but it should have an ethernet socket.
* Optionally a plastic or metal case to protect the electronics.
* An ethernet cable. Typically these are colour coded either blue or yellow. Either colour will do.
* An ethernet cable. Typically these are colour coded either blue or yellow. Either colour will do. If you're using the Wireless version of the Beaglebone Black then you don't need this.
* Either a 5v power supply with 5.5mm barrel plug, or a miniUSB type B cable (typically supplied with the Beaglebone) and USB to mains adaptor.
* A microSD card at least 8 gigabytes in size. In tests Sandisk class 10 works well. Prefer smaller but faster I/O rating to larger but slower.
* A microSD card adaptor for your laptop or desktop system, so that you can copy the disk image to the card.
You may need to obtain a domain name and set up a dynamic DNS account for your new Freedombone server. Details on how to do that [[./domains.html][can be found here]].
On your laptop or desktop prepare a microSD card image as follows. To create an image on a Debian based system:
#+begin_src bash
sudo apt-get install git
git clone https://github.com/bashrc/freedombone
sudo apt-get install git dialog build-essential
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stockholm
git checkout stretch
sudo make install
freedombone-image --setup debian
#+end_src
@ -47,17 +43,26 @@ freedombone-image --setup debian
Or on Arch/Parabola:
#+begin_src bash
sudo pacman -S git
git clone https://github.com/bashrc/freedombone
sudo pacman -S git dialog
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stockholm
git checkout stretch
sudo make install
freedombone-image --setup parabola
#+end_src
#+BEGIN_CENTER
If you can't obtain a copy of the source code from *code.freedombone.net* (maybe the server is down) then you may still be able to obtain it with:
#+begin_src bash
dat clone dat://e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e/
cd e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e
tar -xzvf freedombone.tar.gz
cd freedombone
git checkout stretch
#+end_src
#+attr_html: :width 80% :align center
[[file:images/microsd_reader.jpg]]
#+END_CENTER
If you own a domain name and have it linked to a dynamic DNS account (eg. [[https://freedns.afraid.org][freeDNS]]) and want to make a system accessible via an ordinary browser then run:
@ -68,25 +73,23 @@ freedombone-image -t beaglebone
Or of you want a system where the services are only accessible via onion addresses.
#+begin_src
freedombone-image -t beaglebone --onion yes
freedombone-image -t beaglebone --onion-addresses-only yes
#+end_src
Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues.
Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues. This *does not* mean that everything gets routed through Tor, it just means that the sites for apps which you install will be available through Tor's address system.
Connect the power and ethernet cable and plug it into your internet router.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/bbb_back.jpg]]
#+END_CENTER
Now follow the [[./homeserver.html][instructions given here to copy the image to the microSD drive]] beginning with running the /freedombone-client/ command. Wherever it says "USB drive" substitute "microSD drive". When the microSD drive is ready plug it into the front of the Beaglebone. The photo below also includes an Atheros wifi USB dongle plugged into the front, but that's not necessary unless you want to set up the system to run on a wifi network.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/bbb_front.jpg]]
#+END_CENTER
Connect the power and for the non-wireless versions of the Beaglebone Black also connect the ethernet cable and plug it into your internet router.
Now power cycle by removing the power plug and then inserting it again. It should boot from the microSD drive and you should see the blue LEDs on the board flashing. If they don't fash at all for a few minutes then try copying the image to the microSD card again.
Follow the rest of the [[./homeserver.html][instructions given here]] to log in via ssh and install the system. The microSD drive /should remain inside the Beaglebone/ and not be removed. This will be its main drive, with the internal EMMC not being used at all.
Follow the rest of the [[./homeserver.html][instructions given here]] to log in via ssh and install the system. The microSD drive /should remain inside the Beaglebone/ and not be removed. This will be its main drive, with the internal EMMC not being used at all. For the Beaglebone Black Wireless ssh back in on the usual 192.168.7.2 address with the USB cable connected so that your wifi login parameters can be set.
There are many apps available within the Freedombone system and trying to install them all is probably not a good idea, since this hardware is very resource constrained on CPU and especially on RAM. If the system seems to be becoming unstable and crashing then the most likely cause is running out of RAM, in which case you can try uninstalling some apps. It is possible to monitor RAM usage by logging in with ssh, exiting to the command line and then running the /top/ command.

31
doc/EN/boards.org Normal file
View File

@ -0,0 +1,31 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, arm board, SBC, single board computer
#+DESCRIPTION: List of supported ARM boards
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Supported ARM boards
The following ARM boards are supported by the build system. If your board isn't listed here then you may still be able to install Freedombone using [[./armbian.html][Armbian]].
- beaglebone
- cubieboard2
- cubietruck
- pcduino3
- a20-olinuxino-lime
- a20-olinuxino-lime2
- a20-olinuxino-micro
- Lemaker Banana Pro
The latest image builds are obtainable with [[https://datproject.org/][dat]] and can be [[./downloads/images.txt][found here]].
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT

View File

@ -1,32 +1,21 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, code
#+DESCRIPTION: Freedombone codebase
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Code</h1>
</center>
#+END_EXPORT
* Code
Freedombone is really just a couple of [[https://www.gnu.org/software/bash][bash]] scripts which install and configure software on a Debian GNU/Linux system. If you're a system administrator, software engineer or Linux hobbyist you'll probably be familiar with command line scripting and be able to make your own modifications or custom variants to suit your needs. Freedombone is licensed under the [[https://www.gnu.org/licenses/agpl.html][GNU Affero General Public License version 3]] (or later).
You can find the source code for this project [[https://github.com/bashrc/freedombone][on Github]].
You can find the source code for this project on [[https://code.freedombone.net/bashrc/freedombone][code.freedombone.net]].
Bugs or feature requests should be [[https://github.com/bashrc/freedombone/issues][entered here]].
*Why Github?*
Github is closed source. Sooner or later it will probably turn evil or become like Sourceforge - which in the distant past was also once the darling of open source developers but has long since fallen from grace. The biggest reason to use Github is just the number of eyeballs there and the easy discoverability of projects.
Longer term it is expected that the source code for this project will also be self-hosted, with Github acting only as a mirror to increase visibility.
Bugs or feature requests should be [[https://code.freedombone.net/bashrc/freedombone/issues][entered here]].
#+BEGIN_EXPORT html
<center>

63
doc/EN/codeofconduct.org Normal file
View File

@ -0,0 +1,63 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, code of conduct
#+DESCRIPTION: Code of Conduct for the Freedombone project
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Code of Conduct
* Be respectful
In any Free Software project with more than one participant inevitably there may be people with whom you may disagree, or find it difficult to cooperate. Accept that, but even so, remain respectful. Disagreement is no excuse for poor behaviour or personal attacks, and a community in which people feel threatened is not a healthy community.
* Assume good faith
Freedombone Contributors have many ways of reaching our common goal of providing freedom respecting internet or mesh systems which may differ from your ways. Assume that other people are working towards this goal.
* Be collaborative
Freedombone is a moderately complex project, though nothing big and professional like GNU. It's good to ask for help when you need it. Similarly, offers for help should be seen in the context of our shared goal of improving the system.
When you make something for the benefit of the project, be willing to explain to others how it works, so that they can build on your work to make it even better.
* Try to be concise
If you're submitting documentation then keep in mind that what you write once could be read by many other people. To avoid TL;DR keep it as short and concise as possible. This will also reduce the amount of translations effort needed.
If you're discussing an issue or bug, try to stay on topic, especially in discussions that are already fairly large.
* Be open
Most ways of communication used within Freedombone (eg Matrix/XMPP) allow for public and private communication. Prefer public methods of communication for Freedombone-related messages, unless posting something sensitive.
This applies to messages for help, too; not only is a public support request much more likely to result in an answer to your question, it also makes sure that any inadvertent mistakes made by people answering your question will be more easily detected and corrected.
* No spamming
Posting of adverts or other off-topic content in Matrix/XMPP or other public systems used by the project will be considered a violation of the code of conduct.
* Respect others privacy
No stalking, unwanted personal attention, or unwelcome revealing or speculating about personal details of others.
In cases of sincere, good-faith curiosity about someones experience or identity, ask politely in a manner such that they will feel free to decline the request.
* No hostile communication
No insults, harassment (sexual or otherwise), condescension, ad hominem, threats, or other intimidation.
Condescension means treating others as inferior. Subtle condescension still violates the Code of Conduct even if not blatantly demeaning.
No stereotyping of or promoting prejudice or discrimination against particular groups or classes of people.
In cases where criticism of ideology or culture remains on-topic, respectfully discuss the ideas.
* In case of problems
While this code of conduct should be adhered to by participants, we recognize that sometimes people may have a bad day, or be unaware of some of the guidelines in this code of conduct. When that happens, you may reply to them and point out this code of conduct. Such messages may be in public or in private, whatever is most appropriate. However, regardless of whether the message is public or not, it should still adhere to the relevant parts of this code of conduct; in particular, it should not be abusive or disrespectful. Assume good faith; it is more likely that participants are unaware of their bad behaviour than that they intentionally try to degrade the quality of the discussion.
Serious or persistent offenders will be kicked from chat rooms and any of their subsequent patches will be unlikely to be upstreamed. In this context "serious" means that someone is causing others to feel unsafe or be unable to contribute, for whatever reason.
This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,123 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Control Panel
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Control panel</h1>
</center>
#+END_EXPORT
| [[Main menu]] |
| [[User control panel]] |
| [[About screen]] |
| [[Email filtering rules]] |
| [[Hubzilla menu]] |
| [[IRC menu]] |
| [[Media menu]] |
| [[Repository mirrors]] |
| [[Backup and restore menu]] |
| [[Security menu]] |
| [[User management menu]] |
* Main menu
You can access the main menu by logging into the system.
#+BEGIN_SRC bash
ssh myusername@mydomain -p 2222
#+END_SRC
Then selecting /Administrator controls/.
It should look like this:
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel.jpg]]
#+END_CENTER
To select anythng on the control panel use the *up and down* cursor keys and *space bar* to tag, then press *Enter*.
* User control panel
When a user initially logs in they will see a version of the control panel with restricted options aimed at the kinds of things which someone who isn't the administrator might wish to do. An expected scenario is that you might have a few friends or family members on the system, and this is who this menu is intended for.
From this menu checking email or running chat applications is very easy, and they are configured in a safe manner without the user needing to do anything special. Email uses *mutt*, XMPP uses *profanity* and IRC uses *irssi*.
#+BEGIN_CENTER
[[./images/controlpanel/control_panel_user.jpg]]
#+END_CENTER
It's also possible for the user to define email filtering rules, add a ssh public key for key based login and also add or remove GPG public keys. They can also do this via the commandline if they prefer, but the menu system may provide an easier user interface.
* About screen
To find out your current domain names select the About screen from the main menu. This is especially useful for finding your onion addresses. For improved security by compartmentalisation, and also simpler implementation, each application has its own onion address.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_about.jpg]]
#+END_CENTER
You can also see the SIP extension numbers for each user and how much disk space each user is consuming (typically this corresponds with email use).
The Local Mirrors contains mirrored copies of the git repositories used by the system. If they don't have access to default repositories (mostly Github) then you can give these details to other users and then they can set their main repository such that they can pull from your system. Obviously any users doing this need to trust that you havn't modified the mirrored repositories in any way.
* Email filtering rules
You can add users to mailing lists, or block particular email addresses or subject lines in this menu.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_filtering.jpg]]
#+END_CENTER
* Hubzilla menu
This allows you to set the global directory location and obtain an SSL/TLS certificate if necessary.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_hubzilla.jpg]]
#+END_CENTER
* IRC menu
You can view the current IRC password or change it from here. Currently the IRC server does not work equally well on clrearnet and via Tor, so there is an option to switch from one to the other. Initially the IRC server will be running on clearnet (i.e. no onion routing).
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_irc.jpg]]
#+END_CENTER
* Media menu
It's possible to add playable media to a USB drive and plug it into the system, then make it accessible to other devices such as tablets or phones on your local network via DLNA.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_media.jpg]]
#+END_CENTER
* Repository mirrors
If you don't want to use the default repositories, or don't have access to them, then you can obtain them from another Freedombone server (the details can be found on the other server on the *About* screen of the control panel).
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_mirrors.jpg]]
#+END_CENTER
* Backup and restore menu
You can create backups or restore from backup here. It's also possible to create keydrives which store the backup key.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_backup_restore.jpg]]
#+END_CENTER
* Security menu
If you need to generate SSL/TLS certificates or change cypher details due to changing recommendations then you can do that here. If you are changing cypher details be extra careful not to make mistakes/typos, which could reduce the security of your system.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_security.jpg]]
#+END_CENTER
* User management menu
Users can be added or removed here.
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_users.jpg]]
#+END_CENTER

41
doc/EN/debianinstall.org Normal file
View File

@ -0,0 +1,41 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, debian, install
#+DESCRIPTION: How to install Freedombone onto an existing Debian system
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* How to install on an existing Debian system
#+BEGIN_QUOTE
"/The antagonism of surveillance is not privacy but the making of communities in struggle/"
-- Arun Kundnani
#+END_QUOTE
Although the image builder supports a variety of architectures there may still be some which aren't supported. These especially include systems which have a proprietary boot blob, such as the Raspberry Pi boards.
It's still possible to install the system onto these unsupported devices if you need to. First you'll need to ensure that you have *Debian Stretch* installed and can get ssh access to the system. Then either via ssh, or directly on the target device in the case of an old laptop or netbook:
#+BEGIN_SRC bash
su
apt-get update
apt-get -qy install build-essential git dialog
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stretch
make install
freedombone menuconfig (or freedombone menuconfig-onion)
#+END_SRC
The installation process will then begin. Depending upon the hardware you're installing onto and your internet connection speed it may take quite a while to install.
Once installed you can then log in from another system with:
#+BEGIN_SRC bash
ssh yourusername@freedombone.local -p 2222
#+END_SRC

View File

@ -1,271 +1,100 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, developers
#+DESCRIPTION: Freedombone developers guide
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+begin_export html
<center><h1>Developers Guide</h1></center>
#+end_export
* Developers Guide
* Introduction
Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way.
* Community Statement
This project doesn't require you to take any special pledge of allegiance or subscribe to any guru's list of commandments. It does not care about your gender, race, national flag or political alignment. It is agnostic towards your religion or lack thereof. It doesn't give one hoot as to whether you are young or old, rich or poor, gay, trans, straight or just "other". It does not care if you like your eggs sunny side up or if you are a vegan.
This is an inclusive project which will take patches or pull requests from anyone, in a generous manner along the lines described by the late Pieter Hintjens in his book /Social Architecture/. Any useful patch is likely to be merged so long as it is submitted under a license compatible with AGPL3. Copyright assignment is not required.
Freedombone is a free system. That's free as in no secret source. For anything. Although there's nothing to stop you from adding proprietary utilities or apps if you wish, any patches containing closed stuff or which create dependencies upon closed systems will be regarded as trash and ignored.
This project also has a no bullshit policy. Anyone trying to cause a ruckus by trolling or engaging in behavior which is disruptive or disrespectful to others will be speedily blocked and ignored. Life's too short, and there's too much to be done.
Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the [[./codeofconduct.html][Code of Conduct]], and there is a Matrix room at *#fbone:matrix.freedombone.net*
* Adding extra apps
Suppose you have some internet application which you want to add to the system. To do this you need to create an app script which tells the system how to install/remove and also backup/restore. The script should be designed to work with the current stable version of Debian.
On an installed system the app scripts go into the directory:
There's a command which you can use to generate scripts for new apps. Some examples are as follows:
To create a script for a generic PHP plus MySql/MariaDB web app with a couple of extra packages:
#+begin_src bash
/usr/share/freedombone/apps
freedombone-template --app [name] -e [email] -r [repo url] \
--packages "cowsay libssl-dev" \
-c [commit] --php yes -d mariadb > \
src/freedombone-app-myappname
#+end_src
and within the project repo they appear within the /src/ directory. Your new app script should have the name:
For a Nodejs app with MySql/MariaDB database:
#+begin_src bash
freedombone-app-[myappname]
freedombone-template --app [name] -e [email] -r [repo url] \
-c [commit] --node yes -d mariadb \
--dir /etc/myappname --daemon yes > \
src/freedombone-app-myappname
#+end_src
The /myappname/ value should not contain any spaces and will appear in the list of available apps.
An example template for an app script is shown below. Copy this and add whatever variables and configuration you need. Search and replace /myappname/ with your own.
For a Python app with Postgresql database:
#+begin_src bash
#!/bin/bash
# Copyright (C) Year YourName <YourEmail>
#
# This program is free software: you can redistribute it
# and/or modify it under the terms of the GNU Affero General
# Public License as published by the Free Software Foundation,
# either version 3 of the License, or (at your option) any
# later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
# 'full' includes your app in the full installation and you
# can also add other variants, separated by spaces. The
# available variants will be detected automatically from the
# app scripts. In most cases don't change this.
VARIANTS='full'
# If you want this to appear on the control panel About screen
SHOW_ON_ABOUT=1
# If you want this app to be in the default installation,
# otherwise it will be available but not selected by default
IN_DEFAULT_INSTALL=1
SOME_IMPORTANT_CONFIG_VARIABLE='some important value'
ANOTHER_IMPORTANT_CONFIG_VARIABLE='foo'
MY_FUNKY_AVATAR=https://some-domain-or-other/fro.png
MYAPPNAME_ONION_PORT=[port number]
MYAPPNAME_DB_PASSWORD=
# A directory where the data for this app exists
MYAPP_DATA_DIR=/var/lib/somedirectory
# List of configuration variables used by the app
myappname_variables=(ONION_ONLY
MY_USERNAME
SOME_IMPORTANT_CONFIG_VARIABLE
ANOTHER_IMPORTANT_CONFIG_VARIABLE
MY_FUNKY_AVATAR
MYAPPNAME_ONION_PORT
MYAPPNAME_DB_PASSWORD)
function change_password_myappname {
PASSWORD_USERNAME="$1"
PASSWORD_NEW="$2"
# Do something to change the password
}
function reconfigure_myappname {
echo -n ''
# Do something to delete existing keys/identity and
# generate new ones
}
function upgrade_myappname {
echo -n ''
# Do something to upgrade this app.
# If it's a debian package then it will be maintained by the
# operating system and you don't need anything here
}
function backup_local_myappname {
# If your app has a MariaDB/MySQL database
backup_database_to_usb myappname
# To backup a directory
backup_directory_to_usb $MYAPP_DATA_DIR myappname
# if you need to backup data within individual user
# home directories
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
echo $"Backing up myappname config for $USERNAME"
if [ -d /home/$USERNAME/.config/myappname ]; then
backup_directory_to_usb \
/home/$USERNAME/.config/myappname \
myappname_users/$USERNAME
fi
fi
done
}
function restore_local_myappname {
temp_restore_dir=/root/tempmyappname
# If your app has a MariaDB/MySQL database
restore_database myappname
# Restore some data from a directory
# Note that we don't restore directly but to a temporary
# directory and then copy the files. This ensures that if
# there is a restore failure you don't end up with
# half-copied or corrupted files
restore_directory_from_usb $MYAPP_DATA_DIR myappname
cp -r $temp_restore_dir/$MYAPP_DATA_DIR $MYAPP_DATA_DIR
rm -rf $temp_restore_dir
# If you need to restore a configuration directory for each user
if [ -d $USB_MOUNT/backup/myappname_users ]; then
for d in $USB_MOUNT/backup/myappname_users/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
fi
echo $"Restoring Vim config for $USERNAME"
function_check restore_directory_from_usb
restore_directory_from_usb $temp_restore_dir \
myappname_users/$USERNAME
cp -r $temp_restore_dir/home/$USERNAME/.config \
/home/$USERNAME/
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
backup_unmount_drive
exit 664
fi
rm -rf $temp_restore_dir
fi
done
fi
}
function backup_remote_myappname {
# this should be the same as backup_local_myappname,
# but call the backup functions backup_directory_to_friend
# and backup_database_to_friend
}
function restore_remote_vim {
# this should be the same as restore_local_myappname,
# but call the restore function restore_directory_from_friend
# and restore_database_from_friend
}
function remove_myappname {
# if it's a debian package then:
apt-get -y remove --purge [my-app-package-name]
# If your app has a MariaDB/MySQL database
drop_database myappname
# If your app uses an onion address
remove_onion_service myappname ${MYAPPNAME_ONION_PORT}
}
function install_myappname {
# if it's a debian package then:
apt-get -y install [my-app-package-name]
# If you need to create a MariaDB/MySQL database for the app
MYAPPNAME_DB_PASSWORD="$(create_password 20)"
create_database myappname "$MYAPPNAME_DB_PASSWORD" $MY_USERNAME
# If you need to create an onion address for the app
MYAPPNAME_ONION_HOSTNAME=$(add_onion_service myappname \
80 ${MYAPPNAME_ONION_PORT})
# Do any other configuration
# Here you might use $ONION_ONLY or
# $SOME_IMPORTANT_CONFIG_VARIABLE
# Mark the app as having installed successfully
# If this variable isn't set then it will be assumed that
# the install has failed
APP_INSTALLED=1
}
function install_interactive_myappname {
# Interactively obtain some values using dialog, such as
# domain names. An avatar changing example is:
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
dialog --title $"Change your avatar" \
--backtitle $"Freedombone Control Panel" \
--inputbox $"Enter a URL for an image. It should be " \
$"approximately a square image." 8 75 2>$data
sel=$?
case $sel in
0)
MY_FUNKY_AVATAR=$(<$data)
if [ ${#MY_FUNKY_AVATAR} -gt 3 ]; then
clear
# do whatever is needed to change the avatar
# in your app
dialog --title $"Change your avatar" \
--msgbox $"Your avatar has been changed" 6 40
fi
;;
esac
# install_myappname will be called automatically after this function
}
# NOTE: deliberately no exit 0
freedombone-template --app [name] -e [email] -r [repo url] \
-c [commit] -d postgresql \
--dir /etc/myappname --daemon yes > \
src/freedombone-app-myappname
#+end_src
To test your app log into your system, select *Exit to command line* then gain root powers with:
For a Python app without any database, communicating between the daemon and the web server on port 1234:
#+begin_src bash
sudo su
freedombone-template --app [name] -e [email] -r [repo url] \
-c [commit] --dir /etc/myappname \
--daemon yes --portinternal 1234 > \
src/freedombone-app-myappname
#+end_src
Copy your app script to */usr/share/freedombone/apps/freedombone-app-myappname*.
And run the admin control panel:
For an app without any database which communicates directly on a particular port through the firewall:
#+begin_src bash
control
freedombone-template --app [name] -e [email] -r [repo url] \
-c [commit] --dir /etc/myappname \
--daemon yes --port 5000 > \
src/freedombone-app-myappname
#+end_src
Select *Add/Remove Apps* and if all is well then you should see your app listed as installable. Test that installing and removing it works as expected.
A generic PHP plus MySql/MariaDB web app which is only available on an onion address:
Submit your working app to *https://github.com/bashrc/freedombone/issues*
#+begin_src bash
freedombone-template --app [name] -e [email] -r [repo url] \
-c [commit] --php yes -d mariadb \
--onion yes > \
src/freedombone-app-myappname
#+end_src
For more details see the manpage:
#+begin_src bash
man freedombone-template
#+end_src
The template command won't give you a fully working app, but it will give you a big head start and avoid a lot of potential mistakes. It's highly likely that you'll still need to add extra configuration for your particular app, especially within the *install_app* function.
When your new script is ready for testing you can install it with:
#+begin_src bash
make install
#+end_src
Then run the administrator control panel and you should see the new app within *Add/Remove apps*.
Submit your working app to *https://code.freedombone.net/bashrc/freedombone/issues*, create a pull request or if you don't have an account there you can send patches via email to bob@freedombone.net.
* Customising mesh images
If you want to make your own specially branded version of the mesh images, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.
If you need particular /dconf/ commands to alter desktop appearance or behavior then see the function /mesh_client_startup_applications/ within *src/freedombone-image-customise*.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

51
doc/EN/domains.org Normal file
View File

@ -0,0 +1,51 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, domains, dynamic dns
#+DESCRIPTION: How to obtain a domain name
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* How to get a domain name
* The domain name itself
If you want your sites or chat systems to be available via an ordinary web browser (i.e. not a Tor browser) then you'll need to obtain a domain name. The domain name system is ultimately controlled by ICANN and to obtain a domain name for which you can also get a TLS certificate you'll need to buy one. There are various sites which sell domain names, and fortunately they can often be quite cheap - especially if you can think of an obscure name for your site. Prefer sites where the domain name subscription can be automatically renewed, because otherwise trolls can quickly buy your domain when it expires and then hold it for ransom. If you're planning to self-host for more than an ephemeral purpose, such as a conference or festival, then choose the longest subscription period you can afford (typically a few years).
You probably only need one ICANN domain name and then the various Freedombone apps you might want can be set up on subdomains, such as /blog.mydomainname.net/.
* Dynamic DNS
You will also need a dynamic DNS account, and again this might be something you have to pay a subscription for. Your Freedombone system will have a local network address (typically 192.168.x.y or 10.x.y.z) and also a public IP address assigned by your ISP. Your ISP will change your public IP address every so often (that's why it's called "dynamic") and so there needs to be some way to link the domain name which you've obtained to your changing public IP address. That's what the dynamic DNS service does.
/Starting to think that this sounds like a rather shaky system which would would be not too difficult for an adversary to disrupt - especially if they get cosy with ICANN or the dynamic DNS provider? You'd be right. But moving swiftly past that man behind a curtain.../
In simple terms what happens is that on a regular basis the Freedombone system will ping the dynamic DNS service and say "/this is my current public IP address/", so that the mapping between domain name and IP address can be maintained.
The dynamic DNS service will have their own DNS servers maintaining the IP address mappings and so on the web site where you registered your domain name you will need to specify the servers of the your dynamic DNS account. Look for an option such as "/change nameservers/" or "/custom nameservers/", remove any names which might already be there and then add the servers used by the dynamic DNS service. For example, if you're using FreeDNS then these servers would be:
#+begin_src text
NS1.AFRAID.ORG
NS2.AFRAID.ORG
NS3.AFRAID.ORG
NS4.AFRAID.ORG
#+end_src
It might take a few minutes for the changes to take effect, so don't be too hasty to conclude that it doesn't work.
** Configuring with FreeDNS
If you are using FreeDNS as a dynamic DNS provider then on their site select "/Domains/" and add your domain name (this might only be available to paid subscribers). Make sure that they're marked as "/private/" so that subdomains of your domain name are not used by other users of the site.
Select "Subdomains" from the menu on the left then select the MX entry for your domain and change the destination to *10:mydomainname* rather than *10:mail.mydomainname*.
* Setting up with Freedombone
When you start the base installation of the system it will ask you to choose a dynamic DNS provider and then enter the login details for the dynamic DNS service.
* A note about Tor
If you only want your sites to be available via Tor then none of the above is needed and you can access your sites and systems via their onion addresses. Tor has its own naming system which is independent from ICANN, and you also won't need TLS/SSL certificates since it also manages transport encryption itself. When building disk images use the *--onion yes* option, or choose one of the ready made onion disk images [[./downloads][from downloads]].

View File

@ -1,77 +1,88 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+KEYWORDS: freedombone, faq
#+DESCRIPTION: Frequently asked questions
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Frequently Asked Questions</h1>
</center>
#+END_EXPORT
#+attr_html: :width 100% :align center
[[file:images/surveillanceoptions.jpg]]
/Possible options for dealing with bulk surveillance at The Glass Room exhibition, 2017/
#+BEGIN_CENTER
#+ATTR_HTML: :border -1
| [[What applications are supported?]] |
| [[I don't have a static IP address. Can I still install this system?]] |
| [[Why Freedombone and not FreedomBox?]] |
| [[Why not support building images for Raspberry Pi?]] |
| [[Why use Tor? I've heard it's used by bad people]] |
| [[Why use Github?]] |
| [[Keys and emails should not be stored on servers. Why do you do that?]] |
| [[./mirrors.html][I have a question about mirrors or upstream repositories]] |
| [[Why can't I access my .onion site with a Tor browser?]] |
| [[What is the best hardware to run this system on?]] |
| [[Can I add more users to the system?]] |
| [[Why not use Signal for mobile chat?]] |
| [[What is the most secure chat app to use on mobile?]] |
| [[How do I remove a user from the system?]] |
| [[Why is logging for web sites turned off by default?]] |
| [[How do I reset the tripwire?]] |
| [[Is metadata protected?]] |
| [[How do I create email processing rules?]] |
| [[Why isn't dynamic DNS working?]] |
| [[How do I change my encryption settings?]] |
| [[How do I get a domain name?]] |
| [[How do I get a "real" SSL/TLS/HTTPS certificate?]] |
| [[How do I renew a Let's Encrypt certificate?]] |
| [[I tried to renew a Let's Encrypt certificate and it failed. What should I do?]] |
| [[Why use self-signed certificates?]] |
| [[Why not use the services of $company instead? They took the Seppuku pledge]] |
| [[Why does my email keep getting rejected as spam by Gmail/etc?]] |
| [[Does this project have a Code of Conduct?]] |
| [[What applications are supported?]] |
| [[I don't have a static IP address. Can I still install this system?]] |
| [[What are the best microSD cards to use?]] |
| [[On a single board computer can I boot from an external SSD or hard drive?]] |
| [[Why Freedombone and not FreedomBox?]] |
| [[Why not support building images for Raspberry Pi?]] |
| [[Why use Tor? I've heard it's used by bad people]] |
| [[How is Tor integrated with Freedombone?]] |
| [[Can I add a clearnet domain to an onion build?]] |
| [[What are the data protection implications of running this system?]] |
| [[After using nmap or other scanning tool I can no longer log in]] |
| [[Should I upload my GPG keys to keybase.io?]] |
| [[Keys and emails should not be stored on servers. Why do you do that?]] |
| [[Why can't I access my .onion site with a Tor browser?]] |
| [[What is the best hardware to run this system on?]] |
| [[Can I add more users to the system?]] |
| [[Why not use Signal for mobile chat?]] |
| [[What is the most secure chat app to use on mobile?]] |
| [[How do I remove a user from the system?]] |
| [[Why is logging for web sites turned off by default?]] |
| [[How do I reset the tripwire?]] |
| [[Is metadata protected?]] |
| [[How do I create email processing rules?]] |
| [[Why isn't dynamic DNS working?]] |
| [[How do I change my encryption settings?]] |
| [[How do I get a domain name?]] |
| [[How do I renew a Let's Encrypt certificate?]] |
| [[I tried to renew a Let's Encrypt certificate and it failed. What should I do?]] |
| [[Why not use the services of $company instead? They took the Seppuku pledge]] |
| [[Why does my email keep getting rejected as spam by Gmail/etc?]] |
| [[Tor is censored/blocked in my area. What can I do?]] |
| [[I want to block a particular domain from getting its content into my social network sites]] |
| [[The mesh system doesn't boot from USB drive]] |
| [[Mesh system doesn't connect to the network]] |
#+END_CENTER
* Does this project have a Code of Conduct?
Yes. It can be [[./codeofconduct.html][found here]].
* What applications are supported?
* *Email* - Server and Mutt client configured for use with GPG and Emacs or Vim
* *DLNA* - Play music on your local network devices
* *Dokuwiki* - Databaseless wiki
* *GNU Social* - Federated social network and resource sharing system
* *Gogs* - Host your git projects
* *qTox* - Chat and VoIP client on mesh networks
* *HTMLy* - Databaseless blogging system
* *Pelican* - Static blogging system used on mesh networks
* *Hubzilla* - Federated social networking and web publishing
* *IRC server*
* *Obnam* - Encrypted backups to USB or to other servers
* *Mumble* - VoIP and text chat
* *pi-hole* - Block internet ads on your local network
* *tt-rss* - Accessible via an onion address to give you /the right to read/ from any device
* *sipwitch* - Telephony system
* *Syncthing* - File sync
* *IPFS* - For accessing sites on a mesh network
* *Toxcore/Toxic* - Bootstrap node and client
* *XMPP server* - Including XEPs needed to support the Conversations Android app with OMEMO
* *Shell based web browser* - if all else fails then ssh to your server and browse from there
[[./apps.html][See here]] for the complete list of apps. In addition to those as part of the base install you get an email server.
* I don't have a static IP address. Can I still install this system?
Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
The lack of a static IP address can be worked around by using a dynamic DNS service. Freedombone uses [[https://troglobit.com/inadyn.html][inadyn]] , which supports a variety of dynamic DNS providers.
* What are the best microSD cards to use?
There can be big differences in the performance of microSD cards, and the cheaper ones are almost invariably terrible and/or unusable. Sandisk and Samsung currently appear to be the better brands. You can find some performance benchmarks [[http://www.pidramble.com/wiki/benchmarks/microsd-cards][here]]. However, benchmarks like this only give a very rough idea of performance and they can vary significantly between individual cards even within the same brand.
If you're struggling to get good performance out of your microSD card then you might want to consider running from a SATA drive or SSD instead. Some boards such as Cubieboard and Olinuxino have SATA sockets such that you can connect an SSD. It doesn't have to be high cost and the smallest SSD you can find will probably be enough. It's then possible to build an image with the *--sata* option or download one of the pre-built ones and copy it both to the microSD and SATA drive. SSD drives can give a 10x performance improvement over just using a microSD card.
* On a single board computer can I boot from an external SSD or hard drive?
Some single board computers, such as Cubieboards or OLinuxino, have a SATA socket on them which enables an external drive to be connected. This is usually intended for extra file storage, but it is also possible to run the operating system from an external drive. This can have the advantage of significantly increasing the read/write performance and your apps will appear to run more quickly.
Typically a microSD read speed is 10-30MB/s. An SSD or hard drive can be 100MB/s or more, so that's a big potential gain.
Single board computers usually don't have the capability of booting directly from an external drive, but what you can do is boot from a partition on a microSD drive, which then runs the main filesystem (the rootfs) from the external drive.
To create an image suitable for running from an SSD or hard drive use the --sata option, such as:
#+BEGIN_SRC bash
freedombone-image -t cubieboard2 --sata sda2
#+END_SRC
Note that the sata option should be set to point to the second partition on the drive, which is normally sda2.
When the image is created then use the dd command to copy it both to a microSD card and to the SSD or hard drive. Plug them both into the board and it should then boot and use the external drive.
* Why Freedombone and not FreedomBox?
When the project began in late 2013 the FreedomBox project seemed to be going nowhere, and was only designed to work with the DreamPlug hardware. There was some new hardware out - the Beaglebone Black - which could run Debian and was also a free hardware design so seemed more appropriate. Hence the name "Freedombone", being like FreedomBox but on a Beaglebone. There are some similarities and differences between the two projects:
@ -84,7 +95,7 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
- Both projects include wiki, blog, VoIP and file sync
- Both projects enable easy installation and removal of apps
- Both are typically "bare metal" rather than running as VMs or containers
- Both currently are hosted on Github
- Both can use the companion app for Android
** Differences
- FreedomBox is a Debian pure blend. Freedombone is not
- Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
@ -100,21 +111,42 @@ The FreedomBox project supports Raspberry Pi builds, and the image build system
So although the Raspberry Pi is cheap and hugely popular it's not supported by the Freedombone project. Perhaps future versions of the Pi won't have the proprietary blob requirement, or maybe the blob will be open sourced at some stage.
* Why use Tor? I've heard it's used by bad people
Before you run screaming for the hills based upon whatever scare story you may have just read in the mainstream media there are a few things worthy of consideration. Tor is installed by default on Freedombone, /but not as a relay or exit node/. It's only used to provide onion addresses so that this gives you or the viewers of your sites some choice about how they access the information. It also allows you to subscribe to and read RSS feeds privately.
Years ago Tor was usually depicted in the mainstream media as something scary inhabited by cyberterrorists and other bad cybers, but today to a large extent Tor is accepted as just another way of routing data in a network. Depending upon where you live there may still be some amount of fearmongering about Tor, but it now seems clear that the trajectory is towards general acceptance.
Onion routing - which is what Tor provides - gives you some level of protection against bulk surveillance of metadata. These days governments and other organisations are in the business of collecting and analysing your metadata. They want to have comprehensive lists of which sites you visited, or who visited your sites. Tor may at least partially help to thwart their totalitarian ambitions to know everything about everyone all of the time.
Tor and its onion addresses, previously called hidden addresses, have a few key advantages:
Tor is not a perfect system and is not fully decentralised. Like all software it has bugs, but it can be considered to probably be an effective tactic against some of the most egregious surveillance fanatics out there.
* NAT traversal
* Firewall traversal
* Avoiding the domain name system (DNS), which is mostly centralized and not secure
* Avoiding passive bulk surveillance in which governments try to find out who is communicating with who
The media may also have sold you torrid tales about individual Tor project developers. While the conduct of individuals does matter, what matters far more is whether the technical system works and is practical for the average user. Don't allow your opinions of the technical system to be deflected by transient sex scandals or oppressive moralising, and /don't hold anyone to standards higher than you would apply to yourself/.
* Why use Github?
Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
On the negative side it's a complex system which is not fully decentralized.
* How is Tor integrated with Freedombone?
Within this project Tor is used more to provide /accessibility/ than the /anonymity/ factor for which Tor is better known. The onion address system provides a way of being able to access sites even if you don't own a conventional domain name or don't have administrator access to your local internet router to be able to do port forwarding.
At present Github is useful just because of the sheer number of eyeballs and the easy discoverability of projects via search.
Tor is installed by default, but it's not configured as a relay or exit node. From the administrator control panel you can optionally set up a Tor bridge, but this is only for adverse situations and not usually advisable.
The source code for this project is experimentally independently hosted, and it is expected that in future the main development will shift over to an independent site, maybe with mirrors on Github if it still exists in a viable form.
When you install an app you will be able to access it from its onion address.
Currently many of the repositories used for applications which are not yet packaged for Debian are on Github, and to provide some degree of resilliance against depending too much upon that it's possible to use [[./mirrors.html][mirrors stored on another server]].
Even if you're running the "onion only" build, this only means that sites are accessible via onion addresses. It doesn't mean that everything gets routed through Tor. If full anonymity is your aim then it's probably a good idea to just stick strictly to using TAILS.
* Can I add a clearnet domain to an onion build?
You could if you manually edited the relevant nginx configuration files and installed some dynamic DNS system yourself. If you already have sysadmin knowledge then that's probably not too hard. But the builds created with the *onion-addresses-only* option aren't really intended to support access via clearnet domains.
* What are the data protection implications of running this system?
Data protection laws such as [[https://en.wikipedia.org/wiki/General_Data_Protection_Regulation][GDPR]] in the EU or the [[https://en.wikipedia.org/wiki/Data_Protection_Act_1998][Data Protection Act]] in the UK usually only apply to formal organizations which are recognized as being legal entities. So you have to be running a business or a charity or some other formal organization in order for the storage of what's known as /personally identifying information/ to potentially become a legal issue. Laws like this usually include:
* A right to obtain your information
* A right to be forgotten (i.e. to have your data permanently deleted)
* Ensuring that stored personal data remains accurate
If you're self-hosting then in the language of data protection law the "/data controller/" and the "/data subject/" are one and the same, so there isn't any power differential of that sort. Freedombone is only intended for small numbers of users, so if you are hosting more than one person chances are that you know the others quite well and can arrange to update their data or delete their account if that's needed. Even if data protection laws are later extended to include home server type scenarios it's unlikely that this will become a problem.
For the mesh version similar applies. Each peer stores their own personal data and it never gets aggregated and stored in any centralized way.
* After using nmap or other scanning tool I can no longer log in
This system tries to block port scanners. Any other system trying to scan for open ports will have their IP address added to a temporary block list for 24 hours.
* Should I upload my GPG keys to keybase.io?
It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the *private keys*, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
Saying something resembling "/only noobs will use crackable private key passphrases/" isn't good enough. A passphrase should not be considered to be a substitute for a private key.
* Keys and emails should not be stored on servers. Why do you do that?
Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
@ -138,7 +170,7 @@ It was originally designed to run on the Beaglebone Black, but that should be re
/Out of fashion/ but still working computer hardware tends to be cheap and readily available, yet still good for providing internet services.
* Can I add more users to the system?
Yes. Freedombone can support a small number of users, for a "/friends and family/" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
Yes. Freedombone can support a small number of users, for a "/friends and family/" type of home installation. This gives them access to an email account, XMPP, VoIP, NextCloud and possibly other apps which have been installed.
#+begin_src bash
ssh username@mydomainname -p 2222
@ -154,10 +186,11 @@ Celebrities recommend Signal. It's Free Software so it must be good, right?
If you are currently using a proprietary chat app, something without any encryption or something /really bad/ such as Telegram, then Signal is definitely a step up in terms of security. But Signal has problems, which can be summarised as:
* *It uses phone numbers*. Phone numbers are used for Signal's initial verification, and they can of course be intercepted or faked. Plus it means that Open Whisper Systems keeps a list of phone numbers on its centralised server for its /"X has joined Signal"/ notification. Even if they're hashed, they're still unique identifiers and [[https://en.wikipedia.org/wiki/Rainbow_table][rainbow tables]] for the phone number system probably exist. Phone numbers are convenient for some users, but are also a non-trivial security risk. If you're using Signal then consider what it knows about who your contacts are, where that data is located and who else might have access to that. Consider what might happen if an adversary gets to know your mobile number.
* *It's based on a single server* run by Open Whisper Systems. That's a single point of failure and ought to be a big red flag (of the sporting rather than the socialist variety) as a possible locus for concentrated nefariousness.
* *It requires the installation of Google Play*. If you already have Google Play installed on a stock Android OS then this doesn't increase your security problems, but for other more secure Android variants it's a massive increase in attack surface.
* *It requires the installation of Google Play*. If you already have Google Play installed on a stock Android OS then this doesn't increase your security problems, but for other more secure Android variants it's a massive increase in attack surface. There is a separate apk available for download, but it won't receive updates and the hash shown on the site often doesn't match.
* *It depends entirely upon the Google message pushing system*. That means that Google /at least knows who Signal messages are being sent to and may be able to infer the rest via your (insecure) Android phone contact list or via timing correlation of alternating deliveries/. Remember that for an adversary metadata in aggregate is much better than having the content of messages. At any time Google could decide that it doesn't want to support Signal, or in adverse circumstances they could be leaned upon by the usual agencies or government cronies.
* *Their privacy policy indicates that they will give whatever server data they have to third parties* under some conditions. Of course this is always claimed to be /for the very best of reasons/ - such as combating fraud - but once that sort of disclosure capability exists it may be abused without you ever knowing about it.
* *Their privacy policy indicates that they will give whatever server data they have to third parties* under some conditions. Of course this is always claimed to be /for the very best of reasons/ - such as combating fraud - but once that sort of disclosure capability exists it may be abused without you ever knowing about it. Consider how difficult, or not, it may be for a government to reverse engineer a database of hashed telephone numbers.
* *Forking isn't really an option*. A fork was tried, but Moxie got annoyed when it still used his server. At the same time the level of interest in federating the server is not detectable with our best intrumentation, and is suspected to be negative. That's a catch 22 which effectively means that independent implementations of Signal will always leave some users unable to communicate with each other.
To give credit where it's due Signal is good, but it could be a lot better. The real solution for private chat is to run your own XMPP server, as you can with Freedombone, or to have someone within your community do that. /There is no substitute for a decentralised solution which is within the control of your community/.
@ -188,7 +221,7 @@ The tripwire will be automatically reset once per week. If you want to reset it
ssh username@mydomain -p 2222
#+end_src
Select /Administrator controls/ then "reset tripwire" using cursors and space bar then enter.
Select /Administrator controls/ then /Security settings/ then /reset tripwire/.
* Is metadata protected?
#+BEGIN_QUOTE
"/We kill people based on metadata/"
@ -275,16 +308,6 @@ service exim4 restart
You should now be able to send an email from /postmaster@mynewdomainname/ and it should arrive in your inbox.
* How do I get a "real" SSL/TLS/HTTPS certificate?
If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
#+begin_src bash
ssh username@mydomainname -p 2222
#+end_src
Select /Administrator controls/ then *Security settings* then *Create a new Let's Encrypt certificate*.
One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS subdomains, such as those from freeDNS, so to run Hubzilla and GNU Social you will need to have your own official domains for those. There are many sites from which you can buy cheap domain names, and while this isn't ideal in terms of making you dependent upon another company it's the only option currently.
* How do I renew a Let's Encrypt certificate?
Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
@ -303,13 +326,6 @@ ssh username@mydomainname -p 2222
#+end_src
Select /Administrator controls/ then *Security settings* then *Create a new Let's Encrypt certificate*.
* Why use self-signed certificates?
Almost everywhere on the web you will read that self-signed certificates are worthless. They bring up /scary-scary looking/ browser warnings and gurus will advise you not to use them. Self-signed certificates are quite useful though. What the scary warnings mean - and it would be good if they explained this more clearly - is that you have an encrypted connection established but there is /no certainty about who that connection is with/. They probably will protect the content of your communications from passive bulk interception - such as the tapping of under-sea cables.
The current strategy on this system is to typically create self-signed certificates during the initial installation but also to have the ability to easily convert those to LetsEncrypt certificates via the security settings on the administrator control panel.
You might say, /"but surely LetsEncrypt is a single point of failure!"/, and you'd be right. Maybe at some point in future LetsEncrypt is no longer a thing, or no longer considered sufficiently secure. That's why building in total dependence upon one organisation is a bad idea, and it's still possible to have self-signed certs as a fallback option.
* Why not use the services of $company instead? They took the Seppuku pledge
[[https://cryptostorm.org/viewtopic.php?f=63&t=2954&sid=7de2d1e699cfde2f574e6a7f6ea5a173][That pledge]] is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "/on our side/". Post-[[https://en.wikipedia.org/wiki/Nymwars][nymwars]] and post-[[https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%29][PRISM]] we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
* Why does my email keep getting rejected as spam by Gmail/etc?
@ -328,9 +344,34 @@ This may work, at least when using Mutt, and admittedly if it does then it's a c
The current arrangement with email blocking works well for the big internet companies because it effectively centralises email to a few well-known brand names and keeps any independent servers out, or creates dependencies like the one just described in which you become a second class citizen of the internet.
So the situation with email presently is pretty bad, and there's a clear selection pressure against decentralization and towards only a few companies controlling all email services. Longer term the solution is to have more secure protocols which make spamming hard or expensive.
* Tor is censored/blocked in my area. What can I do?
If you can find some details for an obfs4 Tor bridge (its IP address, port number and key or nickname) then you can set up the system to use it to connect to the Tor network. Unlike relay nodes the IP addresses for bridges are not public information and so can't be easily known and added to block lists by authoritarian regimes or over-zealous ISPs.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT
ssh into your Freedombone system, go to the *administrator control panel*, select *security settings* then *Tor Bridges* and *Add a bridge*. You can then enter the details.
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_bridges.jpg]]
Any bridges that you add will also show up on the About screen of the administrator control panel.
You can also set your system to act as a Tor bridge, although this is not recommended since in most cases you will have a dynamic external IP address. If you need to help someone get around local censorship temporarily though this could be an option.
* I want to block a particular domain from getting its content into my social network sites
If you're being pestered by some domain which contains bad/illegal/harrassing content or irritating users you can block domains at the firewall level. Go to the administrator control panel and select /domain blocking/. You can then block, unblock and view the list of blocked domains.
#+begin_src
ssh username@domainname -p 2222
#+end_src
Select /Administrator controls/ then /Domain blocking/.
* The mesh system doesn't boot from USB drive
If the system doesn't boot and reports an error which includes */dev/mapper/loop0p1* then reboot with *Ctrl-Alt-Del* and when you see the grub menu press *e* and manually change */dev/mapper/loop0p1* to */dev/sdb1*, then press *Ctrl-x*. If that doesn't work then reboot and try */dev/sdc1* instead.
After the system has booted successfully the problem should resolve itself on subsequent reboots.
* Mesh system doesn't connect to the network
Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the *network restart* icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

39
doc/EN/fediverse.org Normal file
View File

@ -0,0 +1,39 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, homestead, fediverse
#+DESCRIPTION: Homesteading the Fediverse
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Homesteading the Fediverse
Some things you might want to know about the Fediverse:
* Federation as a concept
The political definition of a federation is "/a union of partially self-governing states or regions under a central (federal) government/". The fediverse isn't exactly like that, in that there is no federal government. However there are protocols which govern the communication between instances and that might be analogized to being a sort of elementary constitution or mutual agreement binding all participants together. The protocols are merely ways of moving data around though, and don't impose any sort of moral code.
* Keep the number of users on each server small
The importance of this can't be overstated. Servers with lots of users always eventually have problems where the interests of the users are not the same as the interests of the server administrator. If you are the server administrator, or if there are only a small squad-size group of people on the server, then it's a lot easier to resolve differences and everyone's interests are likely to be similar.
* Drama will happen
It's inevitable in any social network, but fortunately your options for dealing with it are better than they are in the giant proprietary monoliths. In the proprietary world Google or Facebook don't give a damn about the fate of individual users. On a server with a small number of users if you're getting griefed then the administrator is likely to care and be able to do something about it.
* Don't be afraid to block
Especially if other servers are publishing content which may not be legal in your jurisdiction then don't be afraid to use domain or user blocking from the *Administrator control panel*. The same applies if users on other servers are trying to harass you. Blocking creates politics and drama but _this is a feature not a bug_. It allows you to craft your own distinct community and user experience while also existing in the wider federation. It's hard to do this on sites like Twitter or Facebook. Try to keep blocking to a minimum though and avoid doing it for insubstantial reasons. If you have other users on your server then publish the blocked domains list somewhere they can see. That avoids disappointment and enables you to have a discussion about the validity of blocking decisions.
* Network structure maps on to social structure
Over time follows and blocking rules come to match the underlying social geography of affinity groups. Blocking will happen and users will move around or start new servers. Drama related to blocking will dissipate.
* Keep your follows under the Dunbar number
Keep the number of other frequently active users you're following to under a couple of hundred. Your actual number of follows might be larger than this but could include users who rarely post anything.
Once there are more than a couple of hundred highly active users in your timeline then you'll just be overwhelmed by irrelevant stuff and whatever community you may have been part of will be drowned in the entropy. There are no algorithmic timelines to hide posts, and even if they're introduced then they create their own problems as an opaque form of censorship. _Real community happens at tribal scale_. It's something which people often don't like to admit because they get fixated upon bigger and bigger numbers, but it definitely seems to be true.
* Avoid big public servers
It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,44 +1,51 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, home server
#+DESCRIPTION: Freedombone home server setup
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+begin_export html
<center><h1>Home Server</h1></center>
#+end_export
* Home Server
The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
First install freedombone onto your local system (not the target hardware that you want to run Freedombone on). On a debian based distro:
#+begin_src bash
sudo apt-get install git
git clone https://github.com/bashrc/freedombone
sudo apt-get install git dialog build-essential
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stockholm
git checkout stretch
sudo make install
freedombone-image --setup debian
freedombone-image -t i386 --onion yes
freedombone-image -t i386 --onion-addresses-only yes
#+end_src
Or on Arch/Parabola:
#+begin_src bash
sudo pacman -S git
git clone https://github.com/bashrc/freedombone
sudo pacman -S git dialog
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stockholm
git checkout stretch
sudo make install
freedombone-image --setup parabola
freedombone-image -t i386 --onion yes
freedombone-image -t i386 --onion-addresses-only yes
#+end_src
If you can't obtain a copy of the source code from *code.freedombone.net* (maybe the server is down) then you may still be able to obtain it with:
#+begin_src bash
dat clone dat://e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e/
cd e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e
tar -xzvf freedombone.tar.gz
cd freedombone
git checkout stretch
#+end_src
Now prepare your local system to talk to the freedombone by running the following command. This will set up avahi and create ssh keys if necessary.
@ -47,17 +54,17 @@ Now prepare your local system to talk to the freedombone by running the followin
freedombone-client
#+end_src
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/tor_onion.jpg]]
#+END_CENTER
The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the *--onion yes* option from the last command shown above.
The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the *--onion-addresses-only yes* option from the last command shown above. Also see the [[./domains.html][guide on setting up an ICANN domain name]].
The *onion-addresses-only* option *does not* mean that everything gets routed through Tor. It's intended to provide accessible web apps with minimum fuss and without needing to buy a clearnet domain name or mess with forwarding ports. Using apps via their onion addresses may provide some degree of anonymity but it may not be perfect and anonymity isn't the aim of this system (if you want that then use [[https://tails.boum.org/][TAILS]]).
If you want to create images for microSD cards used within various single board computers then replace the *i386* with *beaglebone* / *cubieboard2* / *cubietruck* / *a20-olinuxino-lime* / *a20-olinuxino-lime2* / *a20-olinuxino-micro* or *apu*.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/beaglebone_black9.jpg]]
#+END_CENTER
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
@ -72,7 +79,8 @@ Now plug in the USB thumb drive, and do the same again. Notice which drive lette
You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
#+begin_src bash
dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
dd if=/dev/zero of=/dev/sdX bs=32M count=8
dd bs=32M if=myimagefile.img of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use as a server, power on and set the BIOS to boot from the USB stick.
@ -104,9 +112,8 @@ freedombone-client --verify
This will show the hash code for the public ssh key of the Freedombone system.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/ssh_key_verify.jpg]]
#+END_CENTER
Open another terminal window then run:
@ -115,17 +122,15 @@ freedombone-client
ssh myusername@freedombone.local -p 2222
#+end_src
Use the password you wrote down earlier to log in. Select the *administrator control panel* with up and down cursor keys, space bar and enter key. You should see something like this, and you might need to re-enter your password.
Use the password you wrote down earlier to log in. Select the *administrator control panel* with up and down cursor keys and enter key. You should see something like this, and you might need to re-enter your password.
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel.jpg]]
#+END_CENTER
Then select *About*. You'll see a list of sites and their onion addresses.
#+BEGIN_CENTER
#+attr_html: :width 100% :align center
[[file:images/controlpanel/control_panel_about.jpg]]
#+END_CENTER
The About screen contains the ssh server public key hashes and you can compare the relevant one with the previous terminal window to verify that they're the same. If they're not then you might have a /machine-in-the-middle/ snooping on you.
@ -133,11 +138,10 @@ You have now confirmed a secure connection. Probably. If you're still sceptical
Press any key to exit from the About screen. You can then select *Add/Remove apps* and add whatever applications you wish to run. Note that some apps will only run on x86 systems, but most will install and run on ARM single board computers. More details on particular apps can be [[./apps.html][found here]].
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_apps.jpg]]
#+END_CENTER
Once your apps have installed you can go back to the About screen, pick an onion address and try it within a Tor compatible browser. You'll need to know the login passwords and those can be found within the /Passwords/ section of the administrator control panel. An axiom of the Freedombone system is that /if given the choice users will usually use insecure passwords/, so on this system passwords are generated randomly. If you need to then you can transfer the passwords into your favourite password manager and remove them from the server by going to the *Security Settings* section of the administrator control panel and choosing *Password storage*.
Once your apps have installed you can go back to the About screen, pick an onion address and try it within a Tor compatible browser. You'll need to know the login passwords and those can be found within the /Passwords/ section of the administrator control panel. An axiom of the Freedombone system is that /if given the choice users will usually use insecure passwords/, so on this system passwords are generated randomly. If you need to then you can transfer the passwords into your favourite password manager and remove them from the server by going to the *Security Settings* section of the administrator control panel and choosing *Export passwords* and *Password storage*.
*Congratulations! You have now become a citizen of the free internet.*
@ -149,6 +153,5 @@ Of course, this is just one way in which you can install the Freedombone system.
man freedombone-image
#+end_src
#+BEGIN_CENTER
This site can also be accessed via a Tor browser at http://2tp3f6vtvhkqpuc6.onion
#+END_CENTER
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,39 +1,21 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone
#+DESCRIPTION: Freedombone project
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+begin_quote
"/With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we dont control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment./"
#+attr_html: :align center :border 0 :cellpadding 15%
| [[./downloads/images.txt][Downloads]] | [[./apps.html][Apps]] | [[./faq.html][FAQ]] | [[./devguide.html][Developers]] |
| [[./backups.html][Backups]] | [[https://blog.freedombone.net/tag/freedombone][Blog]] | [[./support.html][Contact]] | [[./release31.html][Release]] |
-- Lucas Nussbaum
#+end_quote
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things.
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.
You can run Freedombone on an old laptop or a single board computer. See the [[./installmethods.html][list of installation methods]]. You can also use it to [[./mesh.html][set up a mesh network]] in your local area.
[[./homeserver.html][Here's how]].
And here's how [[./beaglebone.html][on a Beaglebone Black]].
Want to make a community mesh network which doesn't depend upon the internet?
[[./mesh.html][You can do that too]].
After installation it's possible that you might want some advice on how to run your system and set up apps to work nicely with it.
* [[./apps.html][Apps available on the system]]
* [[./usage.html][General usage]]
* [[./faq.html][Frequently Asked Questions]]
If you find bugs, or want to add a new app to this system see the [[./devguide.html][Developers Guide]].
#+BEGIN_CENTER
This site can also be accessed via a Tor browser at http://2tp3f6vtvhkqpuc6.onion
#+END_CENTER
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,20 +1,15 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, installation
#+DESCRIPTION: Freedombone installation
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Installation</h1>
</center>
#+END_EXPORT
* Installation
| [[Building an image for a Single Board Computer or Virtual Machine]] |
| [[Checklist]] |
@ -33,8 +28,9 @@ Install the freedombone commands onto your laptop/desktop:
#+BEGIN_SRC bash
sudo apt-get install git build-essential dialog
git clone https://github.com/bashrc/freedombone
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stretch
sudo make install
#+END_SRC
@ -80,7 +76,7 @@ freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian
Before installing Freedombone you will need a few things.
* Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt.
* System with a new installation of Debian Jessie or a downloaded/prepared disk image
* System with a new installation of Debian Stretch or a downloaded/prepared disk image
* Ethernet connection between the system and your internet router
* That it is possible to forward ports from the internet router to the system, typically via firewall settings
* Have ssh access to the system, typically via fbone@freedombone.local on port 2222
@ -88,14 +84,15 @@ Before installing Freedombone you will need a few things.
There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
** On a Laptop, Netbook or Desktop machine
If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Jessie onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
#+BEGIN_SRC bash
su
apt-get update
apt-get -y install git dialog build-essential
git clone https://github.com/bashrc/freedombone
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stretch
make install
freedombone menuconfig
#+END_SRC
@ -106,6 +103,7 @@ Currently the following boards are supported:
* [[https://beagleboard.org/BLACK][Beaglebone Black]]
* [[https://linux-sunxi.org/Cubietech_Cubieboard2][Cubieboard 2]]
* [[https://linux-sunxi.org/Cubietruck][Cubietruck (Cubieboard 3)]]
* [[https://www.sparkfun.com/products/retired/12856][PCDuino3]]
* [[https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME/open-source-hardware][olinuxino Lime]]
* [[https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME2/open-source-hardware][olinuxino Lime2]]
* [[https://www.olimex.com/Products/OlinuXino/A20/A20-OlinuXino-MICRO/open-source-hardware][olinuxino Micro]]
@ -131,7 +129,7 @@ unxz filename.img.xz
Then copy it to a microSD card. Depending on your system you may need an adaptor to be able to do that.
#+BEGIN_SRC bash
sudo dd bs=1M if=filename.img of=/dev/sdX conv=fdatasync
sudo dd bs=32M if=filename.img of=/dev/sdX conv=fdatasync,sync,noerror
#+END_SRC
Where *sdX* is the microSD drive. You can check which drive is the microSD drive using:
@ -221,8 +219,9 @@ You can configure laptops or desktop machines which connect to the Freedombone s
#+BEGIN_SRC bash
sudo apt-get update
sudo apt-get install git dialog haveged build-essential
git clone https://github.com/bashrc/freedombone
git clone https://code.freedombone.net/bashrc/freedombone
cd freedombone
git checkout stretch
sudo make install
freedombone-client
#+END_SRC

31
doc/EN/installmethods.org Normal file
View File

@ -0,0 +1,31 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, installation
#+DESCRIPTION: Installation methods
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. [[https://freedns.afraid.org][FreeDNS]] is the one recommended, but others are available.
If you want systems to be available within an ordinary web browser, such as Firefox, then you will need to [[./domains.html][obtain a domain name]].
A list of other supported ARM boards [[./boards.html][can be found here]], or you can install onto an old laptop or netbook. Some installation instructions for different use cases are:
* [[./homeserver.html][Typical installation]]
* Installing [[./beaglebone.html][on a Beaglebone Black]]
* Installing on an [[./debianinstall.html][existing Debian system]]
* Installing [[./armbian.html][on Armbian]], for unsupported ARM boards such as Raspberry Pi
* Creating a dedicated [[./socialinstance.html][fediverse instance]] for a single user or to host a community
* Deploying a [[./mesh.html][mesh network]] which can operate with or without the internet
* [[./users.html][Adding or removing users]]
* [[./security.html][Improving security]]
* [[./mobile.html][Advice on setting up a mobile phone]]
* [[./apps.html][Apps available on the system]]
* [[./faq.html][Frequently Asked Questions]]
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,245 +1,34 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, mesh
#+DESCRIPTION: Freedombone mesh network
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+begin_export html
<center><h1>Mesh Network</h1></center>
#+end_export
* Mesh Network
#+BEGIN_CENTER
[[file:images/mesh_screenshot.jpg]]
#+END_CENTER
The Freedombone Mesh is a wireless solution for autonomous or internet connected communication that can be rapidly deployed in temporary, emergency or post-disaster situations where internet access is unavailable or compromised.
|------------------------+---+-------------+---+----------------------+---+---------------|
| [[What the system can do]] | - | [[Disk Images]] | - | [[Building Disk Images]] | - | [[How to use it]] |
|------------------------+---+-------------+---+----------------------+---+---------------|
* [[./mesh_philosophic.html][Philosophic]]
* [[./mesh_capabilities.html][Capabilities]]
* [[./mesh_images.html][Disk images and how to build them]]
* [[./mesh_custom.html][Customisation]]
* [[./mesh_usage.html][How to use it]]
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small business internal office communications, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies. The down side is that you can't access any internet content. The upside is that you can securely communicate with anyone on the local mesh. No ISPs. No payments or subscriptions beyond the cost of obtaining the hardware. Systems need to be within wifi range of each other for the mesh to be created. It can be an ultra-convenient way to do purely local communications.
#+attr_html: :width 100% :align center
[[file:images/mesh_desktop1.png]]
* What the system can do
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small businesses who don't want the overhead of server maintenance, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies.
- Discovery of other users on the network
- Text based chat, one-to-one and in groups
- Voice chat (VoIP)
- Private and public sharing of files
- Blogging
- No network administration required
- No servers, internet connection or cabling is needed.
- Works from bootable USB drives or microSD drives.
- Data is mesh routed between systems
- Private communications is end-to-end secured and forward secret.
- Publicly shared data is /content addressable/.
If an internet connection is available then it can make use of that, but otherwise it can still work regardless of whether the internet exists. So it's not dependent upon ISPs and additional infrastructure other than USB drives isn't required.
This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
Systems only need to be within wifi range of each other for the mesh to be created, so it can be an very convenient way to create a local communications network.
* Disk Images
** Client images
Like [[https://libremesh.org][LibreMesh]], this system uses a combination of [[https://en.wikipedia.org/wiki/B.A.T.M.A.N.][batman-adv]] on network layer 2 and [[http://bmx6.net][BMX]] on layer 3. Routing protocols [[http://www.olsr.org][OLSR2]] and [[https://www.irif.fr/~jch/software/babel][Babel]] are also selectable.
#+BEGIN_CENTER
[[file:images/mesh_netbook.jpg]]
#+END_CENTER
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 8GB in size.
#+begin_src bash
sudo apt-get install xz-utils wget
wget https://freedombone.net/downloads/mesh-client-i386-20160913.img.xz
wget https://freedombone.net/downloads/mesh-client-i386-20160913.img.xz.sig
gpg --verify mesh-client-i386-20160913.img.xz.sig
sha256sum mesh-client-i386-20160913.img.xz
2111eeeba713d7ea0109845a295cc44550c66679045fd4bdafc04a883635bea9
unxz mesh-client-i386-20160913.img.xz
sudo dd bs=1M if=mesh-client-i386-20160913.img of=/dev/sdX conv=fdatasync
#+end_src
To get a number of systems onto the mesh repeat the /dd/ command to create however many bootable USB drives you need.
If you're in an emergency and don't have Atheros wifi dongles then there is also an "insecure" image which contains some proprietary wifi drivers which may work with a wider range of laptops. Proprietary drivers *are not recommended* because they're unsupportable and may be exploitable or contain malicious antifeatures which fundamentally compromise the security of the network. However, the trade-off between security/maintainability and simply having the ability to communicate at all may be a valid one in some situations.
#+begin_src bash
sudo apt-get install xz-utils wget
wget https://freedombone.net/downloads/mesh-client-insecure-i386-20160913.img.xz
wget https://freedombone.net/downloads/mesh-client-insecure-i386-20160913.img.xz.sig
gpg --verify mesh-client-insecure-i386-20160913.img.xz.sig
sha256sum mesh-client-insecure-i386-20160913.img.xz
cd03596d115030469ff57ef519a2a8baba1e71b541e3014032c01f507c7988c1
unxz mesh-client-insecure-i386-20160913.img.xz
sudo dd bs=1M if=mesh-client-insecure-i386-20160913.img of=/dev/sdX conv=fdatasync
#+end_src
** Router images
Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
*** Beaglebone Black
#+BEGIN_CENTER
[[file:images/mesh_router.jpg]]
#+END_CENTER
The above picture shows a Beaglebone Black with the image copied onto a microSD card (there's no need to do anything with the internal EMMC). A USB Atheros wifi adaptor with a large antenna is attached and in this case power is from the mains, although it could be from a battery or solar power system capable of supplying 5 volts and maybe 1A (depending upon how active the router is).
#+begin_src bash
sudo apt-get install xz-utils wget
wget https://freedombone.net/downloads/mesh-router-beaglebone-black-20160913.img.xz
wget https://freedombone.net/downloads/mesh-router-beaglebone-black-20160913.img.xz.sig
gpg --verify mesh-router-beaglebone-black-20160913.img.xz.sig
sha256sum mesh-router-beaglebone-black-20160913.img.xz
74470b6491951a9744fdd3dab27e8ca74d5b60499fcf6e1a5313e6854c9db894
unxz mesh-router-beaglebone-black-20160913.img.xz
sudo dd bs=1M if=mesh-router-beaglebone-black-20160913.img of=/dev/sdX conv=fdatasync
#+end_src
If you have a few Beaglebone Blacks to use as routers then repeat the /dd/ command to create however many microSD cards you need.
There is still a software freedom issue with the Beaglebone Black, but it doesn't prevent you from running a fully free system on the board. The TI AM335X SOC has a PowerVR SGX530 GPU which will only run with a proprietary blob, but this would only be an issue for systems with a monitor or LCD screen attached running a desktop environment which also needs GPU acceleration. For "headless" systems such as servers or mesh routers this isn't a problem.
* Building Disk Images
It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
First you will need to create an image. On a Debian based system (tested on Debian Jessie and Trisquel 7):
#+begin_src bash
sudo apt-get -y install build-essential libc6-dev-i386 wget \
gcc-multilib g++-multilib git python-docutils mktorrent \
vmdebootstrap xz-utils dosfstools btrfs-tools extlinux \
python-distro-info mbr qemu-user-static binfmt-support \
u-boot-tools qemu
wget https://freedombone.net/downloads/freedombone-mesh-13-09-2016.tar.gz
wget https://freedombone.net/downloads/freedombone-mesh-13-09-2016.tar.gz.sig
gpg --verify freedombone-mesh-13-09-2016.tar.gz.sig
sha256sum freedombone-mesh-13-09-2016.tar.gz
3e279f8ed762afb682bec6bd463830087354dd2f24020f3b0de51143585ab0ed
tar -xzvf freedombone-mesh-13-09-2016.tar.gz
cd freedombone
git checkout stockholm
sudo make install
freedombone-image -t i386 -v meshclient
#+end_src
If you don't have Atheros or free software compatible wifi adapter then you can include proprietary wifi drivers which will work with most laptops. This is *NOT RECOMMENDED* because proprietary drivers are unsupportable and may contain either malware or be exploitable in a way which can't be fixed. However, if you're in an emergency and don't have any Atheros or free software wifi USB dongles then you can use the following command to make the image:
#+begin_src bash
freedombone-image -t i386 -v meshclient --insecure yes
#+end_src
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
List what drives are on your system with:
#+begin_src bash
ls /dev/sd*
#+end_src
Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
#+begin_src bash
sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
#+end_src
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.
On first boot you'll be asked to set a username, and then you can open the chat client and select the *users* icon to show the Tox IDs for other users on the mesh. When folks join they will be announced.
Rinse, repeat, for any number of laptops that you want to get onto the mesh or to build out coverage within an area. There are no servers. Just peer-to-peer communications routed through the network which are end-to-end secure after a friend request is accepted. By default the chat client doesn't log anything.
You can also use single board computers (SBCs) such as the BeagleBone Black to make mesh routers which can be bolted to walls or the sides of buildings and consume minimal electrical power, so could be solar or battery powered for short term events such as festivals. To do that use the following command to make the image:
#+begin_src bash
freedombone-image -t beaglebone -v mesh
#+end_src
The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.
* Customisation
If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.
If you need particular /dconf/ commands to alter desktop appearance or behavior then see the function /mesh_client_startup_applications/ within *src/freedombone-image-customise*.
* How to use it
When you first boot from the USB drive the system will create some encryption keys, assign a unique network address to the system and then reboot itself. When that's done you should see a prompt asking for a username. This username just makes it easy for others to initially find you on the mesh and will appear in the list of users.
After a minute or two if you are within wifi range and there is at least one other user on the network then you should see additional icons appear on the desktop, such as /Other Users/ and /Chat/.
** Set the Date
On the ordinary internet the date and time of your system would be set automatically via NTP. But this is not the internet and so you will need to manually ensure that your date and time settings are correct. You might need to periodically do this if your clock drifts. It's not essential that the time on your system be highly accurate, but if it drifts too far or goes back to epoch then things could become a little confusing in regard to the order of blog posts.
*Right click on the date* in the top right corner of the screen. Select *preferences*, then click the *Time Settings* button. You can then select the date from the calendar and set the time, then click the *Set System Time* button. Enter the default password, which is /freedombone/.
** Check network status
Unlike with ordinary wifi, on the mesh you don't get a signal strength icon and so it's not simple to see if you have a good connection.
Select the wifi icon on the desktop and enter the password '/freedombone/'. The network configuration will go into a monitoring mode and in the bottom right side of the window you will be able to see signal strength and other parameters. This can help you to locate systems or adjust antennas to get the best wifi performance.
#+BEGIN_CENTER
[[file:images/mesh_signal.jpg]]
#+END_CENTER
When you are finished close the window and then select the /Network Restart/ desktop icon, which will restart the B.A.T.M.A.N. network. You can also use the restart icon if you are within range of the mesh network but the /Chat/ and /Other Users/ icons do not automatically appear after a few minutes.
** Chat System
Ensure that you're within wifi range of at least one other mesh peer (could be a router or client) and then you should see that the /Chat/ and /Other Users/ icons appear. Select the users icon and you should see a list of users on the mesh. Select the /Chat/ icon and once you are connected you should see the status light turn green. If after a few minutes you don't get the green status light then try closing and re-opening the Tox chat application. Select the plus button to add a friend and then copy and paste in a Tox ID from the users list.
#+BEGIN_CENTER
[[file:images/mesh_paste_tox_id.jpg]]
#+END_CENTER
The other user can then accept or decline your friend request.
#+BEGIN_CENTER
[[file:images/mesh_friend_request.jpg]]
#+END_CENTER
You can also select an avatar by selecting the grey head and shoulders image.
#+BEGIN_CENTER
[[file:images/mesh_choose_avatar.jpg]]
#+END_CENTER
And by selecting the user from the list on the left hand side the chat can begin.
#+BEGIN_CENTER
[[file:images/mesh_text_chat.jpg]]
#+END_CENTER
One important point is that by default the microphone is turned off. When doing voice chat you can select the microphone volume with the drop down slider in the top right corner of the screen.
At present video doesn't work reliably, but text and voice chat do work well.
** Sharing Files
You can make files publicly available on the network simply by dragging and dropping them into the /Public/ folder on the desktop. To view the files belonging to another user select the desktop icon called /Visit a site/ and enter the username or Tox ID of the other user.
#+BEGIN_CENTER
[[file:images/mesh_share_files.jpg]]
#+END_CENTER
** Blogging
To create a blog post select the /Blog/ icon on the desktop and then use the up and down cursor keys, space bar and enter key to add a new entry. Edit the title of the entry and add your text. You can also include photos if you wish - just copy them to the *CreateBlog/content/images* directory and then link to them as shown.
#+BEGIN_CENTER
[[file:images/mesh_new_blog.jpg]]
#+END_CENTER
To finish your blog entry just select /Save/ and then close the editor. On older hardware it may take a while to publish the results, and this depends upon the amount of computation needed by IPFS to create file hashes. If you make no changes to the default text then the new blog entry will not be saved.
#+BEGIN_CENTER
[[file:images/mesh_new_blog2.jpg]]
#+END_CENTER
#+BEGIN_CENTER
[[file:images/mesh_view_blog.jpg]]
#+END_CENTER
You can also visit other blogs, edit or delete your previous entry and also change your blog theme.
#+BEGIN_CENTER
This site can also be accessed via a Tor browser at http://2tp3f6vtvhkqpuc6.onion
#+END_CENTER
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -0,0 +1,34 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, mesh
#+DESCRIPTION: Freedombone mesh network capabilities
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Mesh Network: Capabilities
The mesh system has the following capabilities:
- Discovery of other users on the network
- Text based chat, one-to-one and in groups
- Voice chat (VoIP) and video calls
- Private and public sharing of files
- Blogging
- Collaborative editing of documents and presentations
- Social network stream. Follow/unfollow other peers
- No network administration required
- No servers
- Internet connection is optional
- Works from bootable USB drives or microSD drives
- Data is mesh routed between systems
- Private communications is end-to-end secured and forward secret
- Publicly shared data is /content addressable/
This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the [[https://en.wikipedia.org/wiki/Small-world_network][small world effect]] will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

20
doc/EN/mesh_custom.org Normal file
View File

@ -0,0 +1,20 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, mesh
#+DESCRIPTION: Freedombone mesh network customisation
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Mesh Network: Customisation
If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.
If you need particular /dconf/ commands to alter desktop appearance or behavior then see the function /mesh_client_startup_applications/ within *src/freedombone-image-customise*.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

221
doc/EN/mesh_images.org Normal file
View File

@ -0,0 +1,221 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, mesh
#+DESCRIPTION: Freedombone mesh network images
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Mesh Network: Images
* Pre-built Disk Images
** Writing many images quickly
There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the *dd* command is used for writing to the target drive, but to write to multiple drives you can use a tool such as [[https://wiki.gnome.org/Apps/MultiWriter][GNOME MultiWriter]].
For example on Arch/Parabola:
#+begin_src bash
sudo pacman -S gnome-multi-writer
#+end_src
Or on Debian based systems:
#+begin_src bash
sudo apt-get install gnome-multi-writer
#+end_src
The MultiWriter tool is also available within mesh client images, so that you can use mesh systems to create more copies of the same system.
** Client images
#+attr_html: :width 100% :align center
[[file:images/mesh_netbook.jpg]]
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 16GB in size.
Install some prerequisites:
#+begin_src bash
sudo apt-get install xz-utils nodejs
sudo npm install -g dat
#+end_src
To download images with dat:
#+begin_src bash
dat clone dat://e2ed9767d6ab64f4c43a2adbce65af225133fec7ba95737f0a2f6ae292ba358e/
cd e2ed9767d6ab64f4c43a2adbce65af225133fec7ba95737f0a2f6ae292ba358e
#+end_src
Check the signature:
#+begin_src bash
gpg --verify freedombone-meshclient-i386.img.xz.sig
unxz freedombone-meshclient-i386.img.xz
#+end_src
Then clone to the USB drive, where sdX is your USB device:
#+begin_src bash
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
To get a number of systems onto the mesh repeat the /dd/ command to create however many bootable USB drives you need.
If you're in an emergency and don't have Atheros wifi dongles then there is also an "insecure" image which contains some proprietary wifi drivers which may work with a wider range of laptops. Proprietary drivers *are not recommended* because they're unsupportable and may be exploitable or contain malicious antifeatures which fundamentally compromise the security of the network. However, the trade-off between security/maintainability and simply having the ability to communicate at all may be a valid one in some situations.
Install some prerequisites:
#+begin_src bash
sudo apt-get install xz-utils nodejs
sudo npm install -g dat
#+end_src
To download images with dat:
#+begin_src bash
dat clone dat://6d1b73d13b6f9b5c481c6dfd64be6aa58e1cd2d153a6bb04bbc177999ee9925e/
cd 6d1b73d13b6f9b5c481c6dfd64be6aa58e1cd2d153a6bb04bbc177999ee9925e
#+end_src
Check the signature:
#+begin_src bash
gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig
unxz freedombone-meshclient-insecure-i386.img.xz
#+end_src
Then clone to the USB drive, where sdX is your USB device:
#+begin_src bash
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
** Router images
Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
*** Beaglebone Black
#+attr_html: :width 50% :align center
[[file:images/mesh_router.jpg]]
The above picture shows a Beaglebone Black with the image copied onto a microSD card (there's no need to do anything with the internal EMMC). A USB Atheros wifi adaptor with a large antenna is attached and in this case power is from the mains, although it could be from a battery or solar power system capable of supplying 5 volts and maybe 1A (depending upon how active the router is).
Install some prerequisites:
#+begin_src bash
sudo apt-get install xz-utils nodejs
sudo npm install -g dat
#+end_src
To download images with dat:
#+begin_src bash
dat clone dat://a4e79e49c6e77b919d4ae4827037e813ef1ba2734c342d0d78146ce16a819ebb/
cd a4e79e49c6e77b919d4ae4827037e813ef1ba2734c342d0d78146ce16a819ebb
#+end_src
Check the signature:
#+begin_src bash
gpg --verify freedombone-mesh_beaglebone-armhf.img.sig
unxz freedombone-mesh_beaglebone-armhf.img.xz
#+end_src
Then clone to the microSD drive, where sdX is your device name:
#+begin_src bash
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
If you have a few Beaglebone Blacks to use as routers then repeat the /dd/ command to create however many microSD cards you need.
There is still a software freedom issue with the Beaglebone Black, but it doesn't prevent you from running a fully free system on the board. The TI AM335X SOC has a PowerVR SGX530 GPU which will only run with a proprietary blob, but this would only be an issue for systems with a monitor or LCD screen attached running a desktop environment which also needs GPU acceleration. For "headless" systems such as servers or mesh routers this isn't a problem.
* Building Disk Images
It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
First you will need to create an image. On a Debian based system (tested on Debian Stretch):
#+begin_src bash
sudo apt-get install xz-utils nodejs
sudo npm install -g dat
#+end_src
To download images with dat:
#+begin_src bash
dat clone dat://e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e/
cd e9cbf606e55cdaa85199f4e6ec25ff7456775389979a668b3faf33e057493f8e
#+end_src
Check the signature:
#+begin_src bash
gpg --verify freedombone.tar.gz.sig
#+end_src
Install it:
#+begin_src bash
tar -xzvf freedombone.tar.gz
cd freedombone
git checkout stretch
sudo make install
#+end_src
Setup your build environment. If you're using Arch/Parabola substitute /debian/ for /parabola/.
#+begin_src bash
freedombone-image --setup debian
#+end_src
And then build the image:
#+begin_src bash
freedombone-image -t i386 -v meshclient
#+end_src
If you don't have Atheros or free software compatible wifi adapter then you can include proprietary wifi drivers which will work with most laptops. This is *NOT RECOMMENDED* because proprietary drivers are unsupportable and may contain either malware or be exploitable in a way which can't be fixed. However, if you're in an emergency and don't have any Atheros or free software wifi USB dongles then you can use the following command to make the image:
#+begin_src bash
freedombone-image -t i386 -v meshclient --insecure yes
#+end_src
This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
List what drives are on your system with:
#+begin_src bash
ls /dev/sd*
#+end_src
Now plug in the USB thumb drive, and do the same again. Notice which drive letter gets added.
You can now copy the image to the USB thumb drive, replacing *sdX* with the identifier of the USB thumb drive. Don't include any numbers (so for example use *sdc* instead of *sdc1*).
#+begin_src bash
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=myimagefile.img of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
And wait. Again it will take a while to copy over. When that's done plug it into the laptop or netbook which you want to use on the mesh, power on and set the BIOS to boot from the USB stick.
On first boot you'll be asked to set a username, and then you can open the chat client and select the *users* icon to show the Tox IDs for other users on the mesh. When folks join they will be announced.
Rinse, repeat, for any number of laptops that you want to get onto the mesh or to build out coverage within an area. There are no servers. Just peer-to-peer communications routed through the network which are end-to-end secure after a friend request is accepted. By default the chat client doesn't log anything.
You can also use single board computers (SBCs) such as the BeagleBone Black to make mesh routers which can be bolted to walls or the sides of buildings and consume minimal electrical power, so could be solar or battery powered for short term events such as festivals. To do that use the following command to make the image:
#+begin_src bash
freedombone-image -t beaglebone -v mesh
#+end_src
The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -0,0 +1,52 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, mesh
#+DESCRIPTION: Philosophy of the Freedombone mesh
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Mesh Network: Philosophic
#+begin_quote
"/I see mesh networks naturally evolving to become the dominant form of network over the next few decades, because its the most practical solution to a number of problems that will have to be solved in order to build the VR web as well as to connect the entire world to the internet. Centralized networks are only possible in highly developed countries with existing infrastructures like power and telephone grids, as well as roads. You cant build a tower where you dont have either power or access. For vast areas of the world, mesh networks will be the only feasible solution./" -- Valkyrie Ice
#+end_quote
The Freedombone mesh roughly follows MondoNet's ten social specifications:
* Decentralized
The network should not be operated, maintained, or in any way reliant upon a single or minimally differentiated set of entities or technologies. No individual, entity or group should be central to the network to the extent that their absence would measurably impact its functionality or scope. Network participation should not require access to fixed, physical infrastructure of any sort.
* Universally Accessible
The requisite technology and expertise required to participate in the network should be available at minimal cost and effort to every human being on the planet. Furthermore, all users should be able to extend the networks content and functionality to suit their own needs, or those of others. No aspect of the networks functioning should be reliant upon proprietary technologies, information or capital.
* Censor-proof
The network should be resistant to both regulatory and technical attempts to limit the nature of the information shared, restrict usage by given individuals or communities, or render the network, or any portion of it, inoperable or inaccessible.
* Surveillance-proof
The network should enable users to choose exactly what information they share with whom, and to participate anonymously if they so desire. Users should only have access to information if they are the designated recipients, or if it has been published openly.
* Secure
The network should be organized in a way that minimizes the risk of malicious attacks or engineering failure. Information exchanged on the network should meet or exceed the delivery rate and reliability of information exchanged via the Internet.
* Scalable
The network should be organized with the expectation that its scale could reach or even exceed that of todays Internet. Special care should be taken to address to the challenge of maintaining efficiency without the presence of a centralized backbone.
* Permanent
The networks density and redundancy should be great enough that, despite its ad hoc nature, it will persistently operate on a broad scale, and be available in full to any user within range of another peer.
* Fast (enough)
The network should always achieve whatever speed is required for a “bottom line” level of social and cultural participation. At present, we assert that the networks data transfer rate should, at a minimum, be enough for voice-over-IP (VoIP) communications, and low-bitrate streaming video.
* Independent
While the network will have the capacity to exchange information with Internet users and nodes, it should be able to operate independently, as well. A large-scale failure or closure of Internet infrastructure and content should have minimal effect on the networks operations.
* Evolvable
The network should be built with future development in mind. The platform should be flexible enough to support technologies, protocols and modes of usage that have not yet been developed.
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

186
doc/EN/mesh_usage.org Normal file
View File

@ -0,0 +1,186 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: mesh, network, freedombone
#+DESCRIPTION: How to use the Freedombone mesh network
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Mesh Network: How to use it
* [[Boot trouble]]
* [[Set the Date]]
* [[Check network status]]
* [[Connecting to the internet]]
* [[Connecting two meshes over the internet via a VPN tunnel]]
* [[Mobile devices (phones, etc)]]
* [[Chat System]]
* [[Collaborative document editing]]
* [[Social Network]]
* [[Sharing Files]]
* [[Blogging]]
When you first boot from the USB drive the system will create some encryption keys, assign a unique network address to the system and then reboot itself. When that's done you should see a prompt asking for a username. This username just makes it easy for others to initially find you on the mesh and will appear in the list of users.
#+attr_html: :width 100% :align center
[[file:images/mesh_initial_login.jpg]]
After a minute or two if you are within wifi range and there is at least one other user on the network then you should see additional icons appear on the desktop, such as /Other Users/ and /Chat/.
* Boot trouble
If the system doesn't boot and reports an error which includes */dev/mapper/loop0p1* then reboot with *Ctrl-Alt-Del* and when you see the grub menu press *e* and manually change */dev/mapper/loop0p1* to */dev/sdb1*, then press *Ctrl-x*. If that doesn't work then reboot and try */dev/sdc1* instead.
After the system has booted successfully the problem should resolve itself on subsequent reboots.
* Set the Date
On the ordinary internet the date and time of your system would be set automatically via NTP. But this is not the internet and so you will need to manually ensure that your date and time settings are correct. You might need to periodically do this if your clock drifts. It's not essential that the time on your system be highly accurate, but if it drifts too far or goes back to epoch then things could become a little confusing in regard to the order of blog posts.
*Right click on the date* in the top right corner of the screen. Select *preferences*, then click the *Time Settings* button. You can then select the date from the calendar and set the time, then click the *Set System Time* button. Enter the default password, which is /freedombone/.
* Check network status
Unlike with ordinary wifi, on the mesh you don't get a signal strength icon and so it's not simple to see if you have a good connection.
Select the wifi icon on the desktop and enter the password '/freedombone/'. The network configuration will go into a monitoring mode and in the bottom right side of the window you will be able to see signal strength and other parameters. This can help you to locate systems or adjust antennas to get the best wifi performance.
#+attr_html: :width 70% :align center
[[file:images/mesh_signal.jpg]]
When you are finished close the window and then select the /Network Restart/ desktop icon, which will restart the B.A.T.M.A.N. network. You can also use the restart icon if you are within range of the mesh network but the /Chat/ and /Other Users/ icons do not automatically appear after a few minutes.
* Connecting to the internet
#+attr_html: :width 100% :align center
[[file:images/mesh_architecture2.jpg]]
If you need to be able to access the internet from the mesh then connect one of the peers to an internet router using an ethernet cable (shown as yellow above), then reboot it. Other peers in the mesh, including any attached mobile devices, will then be able to access the internet using the ethernet attached peer as a gateway. [[https://en.wikipedia.org/wiki/Freifunk][Freifunk]] works in a similar way.
After connecting one peer to the internet you may need to reboot other peers in order to update their network configurations.
If for legal reasons you need to connect to the internet via a VPN then openvpn is preinstalled and you can run the command:
#+begin_src bash
sudo openvpn myclient.ovpn
#+end_src
Where /myclient.ovpn/ comes from your VPN provider and with the password "/freedombone/".
* Connecting two meshes over the internet via a VPN tunnel
#+attr_html: :width 100% :align center
[[file:images/mesh_architecture_vpn.jpg]]
Maybe the internet exists, but you don't care about getting any content from it and just want to use it as a way to connect mesh networks from different geographical locations together.
In your home directory on a system connected via ethernet to an internet router you'll find a file called *vpn.tar.gz*. If you want another mesh to be able to connect to yours then send them this file and get them to uncompress it into their home directory also on an internet gateway machine. If they have an external IP address or domain name for your router then they will be able to VPN connect using the *Connect Meshes* icon. They should also forward port 653 from their internet router to the mesh gateway machine.
#+attr_html: :width 80% :align center
[[file:images/mesh_connect.png]]
You should create a new *vpn.tar.gz* file for every other mesh which wants to be able to connect to yours. If you are prompted for a password it is 'freedombone'.
From a deep packet inspection point of view the traffic going over the internet between mesh gateways will just look like any other TLS connection to a server.
* Mobile devices (phones, etc)
#+attr_html: :width 100% :align center
[[file:images/mesh_architecture3.jpg]]
To allow mobile devices to connect to the mesh you will need a second wifi adapter connected to your laptop/netbook/SBC. Plug in a second wifi adapter then reboot the system. The second adaptor will then create a wifi hotspot (the connection shown in green above) which mobile devices can connect to. The hotspot name also contains its local IP address (eg. "/mesh-192.168.1.83/").
On a typical Android device go to *Settings* then *Security* and ensure that *Unknown sources* is enabled. Also within *Wifi* from the *Settings* screen select the mesh hotspot. The password is "/freedombone/". Open a non-Tor browser and navigate to the IP address showing in the hotspot name. You can then download and install mesh apps.
#+attr_html: :width 50% :align center
[[file:images/mesh_mobileapps.jpg]]
On some android devices you may need to move the downloaded APK file from the *Downloads* directory to your *home* directory before you can install it.
* Chat System
Ensure that you're within wifi range of at least one other mesh peer (could be a router or client) and then you should see that the /Chat/ and /Other Users/ icons appear. Select the users icon and you should see a list of users on the mesh.
#+attr_html: :width 50% :align center
[[file:images/mesh_peerslist.png]]
Selecting a user followed by the Ok button will copy their Tox ID to the clipboard.
Now select the /Chat/ icon and once you are connected you should see the status light turn green. If after a few minutes you don't get the green status light then try closing and re-opening the Tox chat application. Select the plus button to add a friend and then paste in a Tox ID.
#+attr_html: :width 80% :align center
[[file:images/mesh_paste_tox_id.jpg]]
The other user can then accept or decline your friend request.
#+attr_html: :width 80% :align center
[[file:images/mesh_friend_request.jpg]]
You can also select an avatar by selecting the grey head and shoulders image.
#+attr_html: :width 100% :align center
[[file:images/mesh_choose_avatar.jpg]]
And by selecting the user from the list on the left hand side the chat can begin.
#+attr_html: :width 100% :align center
[[file:images/mesh_text_chat.jpg]]
One important point is that by default the microphone is turned off. When doing voice chat you can select the microphone volume with the drop down slider in the top right corner of the screen.
At present video doesn't work reliably, but text and voice chat do work well.
* Collaborative document editing
The mesh system includes the ability to collaboratively edit various sorts of documents using CryptPad. CryptPad is an almost peer-to-peer system in that it is designed for a client/server environment but that the server aspect of it is very minimal and limited to orchestrating the connected clients. With CryptPad installed on each mesh peer it effectively enables peer-to-peer collaborative editing. Documents are ephemeral and forgotten unless they're exported or copy-pasted to permanent storage.
#+attr_html: :width 100% :align center
[[file:images/mesh_cryptpad1.jpg]]
To create a document click on the CryptPad icon. Depending upon the specifications of your system it may take a few seconds to load, so don't be too disturned if the browser contents look blank for a while. Select _Rich Text Pad_ and give yourself a username.
#+attr_html: :width 100% :align center
[[file:images/mesh_cryptpad2.jpg]]
If you have the chat system running you can then copy and paste the URL for your pad into the chat, and the other user can then open the link and edit the document with you. You can repeat that for however many other users you wish to be able to edit.
* Social Network
Patchwork is available as a social networking system for the mesh. Like all social network systems it has a stream of posts and you can follow or unfollow other users. You can also send private messages to other users with end-to-end encryption.
Double click on the "Social" icon to open the app, then add your nickname and optionally a description. If you want to choose an avatar image some can be found within the directory */usr/share/freedombone/avatars*. On older systems or systems without a hardware random number generator, Patchwork sometimes takes a long time (a few minutes) to open for the first time after clicking the icon. This is most likely due to the initial generation of encryption keys, so be patient.
#+attr_html: :width 80% :align center
[[file:images/patchwork_setup.jpg]]
Other Patchwork users on the mesh will appear automatically under the *local* list and you can select and follow them if you wish. It's also possible to select the dark theme from *settings* on the drop down menu if you prefer.
#+attr_html: :width 80% :align center
[[file:images/patchwork_public.jpg]]
The Secure Scuttlebutt protocol which Patchwork is based upon is intended to be robust to intermittent network connectivity, so you can write posts when out of range and they will sync once you are back in the network.
* Sharing Files
You can make files publicly available on the network simply by dragging and dropping them into the /Public/ folder on the desktop. To view the files belonging to another user select the desktop icon called /Visit a site/ and enter the username or Tox ID of the other user.
#+attr_html: :width 80% :align center
[[file:images/mesh_share_files.jpg]]
* Blogging
To create a blog post select the /Blog/ icon on the desktop and then select *New blog entry* and *Ok*. Edit the title of the entry and add your text. You can also include photos if you wish - just copy them to the *CreateBlog/content/images* directory and then link to them as shown.
#+attr_html: :width 50% :align center
[[file:images/mesh_blog.png]]
To finish your blog entry just select /Save/ and then close the editor. On older hardware it may take a while to publish the results, and this depends upon the amount of computation needed by IPFS to create file hashes. If you make no changes to the default text then the new blog entry will not be saved.
#+attr_html: :width 80% :align center
[[file:images/mesh_new_blog2.jpg]]
#+attr_html: :width 80% :align center
[[file:images/mesh_view_blog.jpg]]
You can also visit other blogs, edit or delete your previous entry and change your blog theme.
#+attr_html: :width 80% :align center
[[file:images/mesh_select_blog_theme.png]]
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

23
doc/EN/meshindex.org Normal file
View File

@ -0,0 +1,23 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: mesh, freedombone, apps
#+DESCRIPTION: Download apps for use on the mesh
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Welcome to the Freedombone Mesh
#+BEGIN_EXPORT html
<center>
<table style="width:80%; border:0">
<tr>
<td><center><b><a href="ssb.apk"><img src="images/ssb.png"/></a></b><br><a href="ssb.apk">Secure Scuttlebutt</a></center></td>
<td><center><b><a href="trifa.apk"><img src="images/trifa.png"/></a></b><br><a href="trifa.apk">Tox</a></center></td>
</tr>
</table>
</center>
#+END_EXPORT

View File

@ -1,47 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Mirroring git repositories
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Mirrors</h1>
</center>
#+END_EXPORT
| [[What are mirrors and why do they exist?]] |
| [[What security do mirrors have?]] |
| [[How do I set up mirrors?]] |
| [[Do mirrors include debian package repositories?]] |
| [[What do I need to do to keep the mirrored repositories updated?]] |
* What are mirrors and why do they exist?
It would be nice if all of the applications used by this project were packaged for Debian, but currently they're not. This means that various upstream git repositories are used and these mostly reside on Github. What if Github were to go away, become paying only or be censored in some manner which was difficult to work around? To guard against this possibility the repositories are mirrored on each install and can then be made available to other users so that new installations or updates could still occur without the original default repos.
* What security do mirrors have?
On each install you have a /mirrors/ user created, whose only purpose is to mirror upstream repositories. A random password is generated for the /mirrors/ user which can be seen within the control panel and so given to other users who may need it.
* How do I set up mirrors?
The interactive installer will ask whether you want to configure the main respositories. Enter the URL, which will typically be an onion address, the ssh port number and the password for the mirrors on that system.
* Do mirrors include debian package repositories?
No. Packages for Debian will still be accessed in the conventional manner.
* Can I change mirrors after the system has been installed
Yes. From the control panel select "/Set the main repository/"
#+BEGIN_CENTER
[[file:images/controlpanel/control_panel_mirrors.jpg]]
#+END_CENTER
* What do I need to do to keep the mirrored repositories updated?
Nothing. That happens as part of regular automatic updates.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT

View File

@ -1,49 +1,22 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, mobile
#+DESCRIPTION: Freedombone mobile setup
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Mobile</h1>
</center>
#+END_EXPORT
Mobile phones are insecure devices, but they're regarded as being so essential to modern life that telling people not to use them isn't a viable option. Here are some recommendations on setting up a mobile phone (aka "smartphone") to work with Freedombone.
#+BEGIN_EXPORT html
<center>
<table style="width:80%; border:0">
<tr>
<td><center><b><h3>Open</h3></b><br>Use a free and open source operating system. Open means more trustworthy</center></td>
<td><center><b><h3>Remove</h3></b><br>If there are any proprietary apps then remove or deactivete them</center></td>
<td><center><b><h3>Encrypt</h3></b><br>Make sure your phone is encrypted with a password which isn't easy to guess</center></td>
</tr>
<tr>
<td><center><b><h3>Apps</h3></b><br>Use F-droid to install new apps</center></td>
<td><center><b><h3>Lock</h3></b><br>Enable a lock screen with a maximum number of password guesses</center></td>
<td><center><b><h3>Onion</h3></b><br>Onion route your connections to avoid bulk metadata collection</center></td>
</tr>
<tr>
<td><center><b><h3>ssh</h3></b><br>Set up ssh access to Freedombone</center></td>
<td><center><b><h3>Services</h3></b><br>Connect to the Freedombone services</center></td>
<td><center><b><h3>Battery</h3></b><br>Avoid battery-eating apps</center></td>
</tr>
</table>
</center>
#+END_EXPORT
* Open
Use a Linux based phone operating system. Typically this will mean Android, but could also mean Cyanogenmod or Replicant. Cyanogen is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by Cyanogenmod. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
Use a Linux based phone operating system. Typically this will mean Android, but could also mean LineageOS or Replicant. LineageOS is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by LineageOS. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
Why is it so important to run Linux on a phone? Aren't /iThings/ supposed to be highly secure? Isn't the CEO of Apple a good guy, fighting for freedom against the evil Feds? In the end it comes down to the fact that /if the source code for the device cannot be independently audited to check for backdoors, bugs and so on, then it can't actually be trusted/. No matter how well-meaning or brave people running companies may be, local laws may force them to add backdoors into their systems or to give away the encryption keys (Lavabit) or they may also do that purely for business reasons such as being able to sell you to their advertising customers and so on.
Why is it so important to run Linux on a phone? Aren't /iThings/ supposed to be highly secure? Don't the "experts" always tell you to just use an iPhone with its supposedly superior secure enclave? Isn't the CEO of Apple a good guy, fighting for freedom against the evil Feds?
In the end it comes down to the fact that /if the source code for the device cannot be independently audited to check for backdoors, bugs and so on, then it can't actually be trusted/. It doesn't matter if there's a supposedly secure enclave on your closed source gadget. No matter how well-meaning or brave people running companies may be, local laws may force them to add backdoors into their systems (sometimes called "technical capabilities order" or "lawful interception") or to give away the encryption keys (Lavabit) or they may also do that purely for business reasons such as being able to sell you to their advertising customers and so on.
* Remove
@ -57,6 +30,8 @@ Encrypt your phone. This can usually be done via *Settings/Security* and you may
Installing *F-droid* and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls.
Avoid using the Open Whisper Systems Signal app if you can, no matter what "experts" say about it. There are multiple reasons for this which you can find in the [[./faq.html][FAQ]].
* Lock
Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called *Locker*, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data.
@ -67,22 +42,78 @@ Both governments and corporations want to compile matadata dossiers about you. W
In F-droid under the *repositories* menu you can enable the *guardian project*, and then install *Orbot*. Within subsequently installed apps, such as those for XMPP chat, there is often a setting which allows the connection to then be routed through Tor. Also you can install *OrFox* and use that as your default browser. Within OrFox for the sites you regularly use you can add a NoScript exception via the menu.
* ssh
The most secure way to access email is via an ssh connection and shell interface. This is not highly convenient, but it does keep your email and GPG key off of the phone which improves your security. If your phone is subsequently stolen then even if an adversary can get past the lock screen /there are no emails stored on the phone/. Install *Connectbot*, generate an RSA key of at least 2048 bits and give it a password. Copy and paste the ssh public key to a pastebin and then add it to /home/myusername/.ssh/authorized keys on Freedombone. Then add an ssh account for the Freedombone, using port 2222. Before you log in you will need to ensure that the ssh key is unlocked. If you lose your phone then you can remove that public key from /authorized_keys/ and anyone in possession of the phone will no longer be able to get ssh access to your system.
This is a /defense in depth/ approach in which there are multiple hurdles which any adversary must overcome in order to get access to your data in a typical theft scenario. So you have the phone encryption, the lock screen with maximum tries and the ssh key password.
* Email
The easiest way to access email is by installing the [[./app_mailpile.html][Mailpile]] app. This keeps your GPG keys off of possibly insecure mobile devices but still enables encrypted email communications in an easy way. You can use K9 mail if you prefer, but that will require installing OpenKeychain and having your GPG keys on the device, which is a lot more risky.
* Services
For information on configuring various apps to work with Freedombone see the [[file:./usage.html][usage section]]. Also see advice on chat apps in the [[file:./faq.html][FAQ]].
For information on configuring various apps to work with Freedombone see the [[file:./apps.html][apps section]]. Also see advice on chat apps in the [[file:./faq.html][FAQ]].
* Battery preservation
* Battery
Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
If you have Syncthing installed then change the settings so that it only syncs when charging and when on wifi. Avoid any apps which might be continuously polling and preventing the device from going into sleep mode when it's not used.
If you're using the Riot mobile app to access a Matrix homeserver then you can significantly improve battery performance by going to the settings and changing *Sync request timeout* to 30 seconds and *Delay between two sync requests* to 600 seconds.
It's also recommended to disable battery optimisations for Conversations and Orbot. If you don't do that then you may have trouble receiving messages or some parts of the protocol may break. That can be done by going to *Settings*, selecting *Battery* then opening the menu (top right) and selecting *Battery optimisations* then selecting *Not optimised* and *All apps*, then finally choosing Conversations and Orbot not to be optimised.
* Blocking bad domains
You can block known bad domains by editing the */system/etc/hosts* file on your device. It is possible to use extensive ad-blocking hosts files used by other ad-blocking systems such as pi-hole, but merely blocking Facebook and Google Analytics will protect you against much of the corporate surveillance which goes on. Even if you don't have a Facebook account this may still be useful since they will still try to create a "ghost profile" of you, so the less data they have the better.
On the device enable *Developer Options* by going to *Settings* then *About* then pressing on *Build number* a few times.
Go to *Settings* then *Developer Options* then set *Root access* to *ADB only* and enable *Android debugging*.
On your system (not the device) install the *android-tools* package. For example, on Arch/Parabola:
#+begin_src bash
sudo pacman -S android-tools
#+end_src
Connect the device to your system via a USB cable, then:
#+begin_src bash
adb root
adb remount
adb pull /system/etc/hosts
#+end_src
Now edit the hosts file which was pulled and append:
#+begin_src bash
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 login.facebook.com
127.0.0.1 www.login.facebook.com
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.com
127.0.0.1 www.fbcdn.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 www.static.ak.connect.facebook.com
127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com
127.0.0.1 ssl.google-analytics.com
127.0.0.1 telemetry.mozilla.org
127.0.0.1 incoming.telemetry.mozilla.org
#+end_src
Then upload the hosts file back again with:
#+begin_src bash
adb push hosts /system/etc/hosts
#+end_src
Once that's done you may want to set *Root access* on the device back to *Disabled* and turn *Android debugging* off.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,49 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Related Projects</h1>
</center>
#+END_EXPORT
#+BEGIN_EXPORT html
<center>
The following projects made Freedombone possible.<br>
<table style="width:80%; border:0">
<tr>
<td><center><a href="https://wiki.nginx.org">Nginx</a></center></td>
<td><center><a href="https://www.openssl.org">Openssl</a></center></td>
<td><center><a href="https://www.gnupg.org">Gnupg</a></center></td>
</tr>
<tr>
<td><center><a href="https://www.debian.org">Debian</a></center></td>
<td><center><a href="https://freedomboxfoundation.org">Freedombox</a></center></td>
<td><center><a href="https://beagleboard.org/products/beaglebone+black">Beagleboard</a></center></td>
</tr>
<tr>
<td><center><a href="https://www.dokuwiki.org/dokuwiki">Dokuwiki</a></center></td>
<td><center><a href="https://gnu.io">GNU Social</a></center></td>
<td><center><a href="https://github.com/redmatrix/hubzilla">Hubzilla</a></center></td>
</tr>
<tr>
<td><center><a href="https://www.torproject.org">Tor</a></center></td>
<td><center><a href="https://prosody.im">Prosody</a></center></td>
<td><center><a href="https://syncthing.net">Syncthing</a></center></td>
</tr>
<tr>
<td><center><a href="https://tox.chat/">Tox</a></center></td>
<td><center><a href="https://bettercrypto.org">Bettercrypto</a></center></td>
</tr>
</table>
</center>
#+END_EXPORT

68
doc/EN/release3.org Normal file
View File

@ -0,0 +1,68 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone
#+DESCRIPTION: Version 3
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 100% :align center
[[file:images/release3.jpg]]
* Building an internet run by the users, for the users
The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without undesirable intermediaries.
Freedombone version 3 is based on Debian 9 (Stretch). It was released in July 2017 and includes:
* Faster initial setup
* More [[./apps.html][installable apps]], including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb
* Automated [[https://github.com/hardenedlinux/STIG-4-Debian][security tests]]
* Improved XMPP configuration for support of the [[https://conversations.im][Conversations]] app features
* Improved blocking controls for a better federated network experience
* Uses [[https://en.wikipedia.org/wiki/EdDSA][elliptic curve]] based GPG keys for better performance on low power single board computers
* Pre-downloaded repos distributed within images for faster and more autonomous app installs
* Installation
The simplest way to install is from a pre-made disk image. Images can be [[https://freedombone.net/downloads/v3][downloaded here]]. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
#+BEGIN_SRC bash
unxz downloadedimagefile.img.xz
dd bs=32M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync,sync,noerror
#+END_SRC
And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store.
Plug the microSD or USB drive into the target hardware which you want to use as a server and power on. If you're using an old laptop or netbook as the server then you will need to set the BIOS to boot from USB.
As the system boots for the first time the login is:
#+BEGIN_SRC bash
username: fbone
password: freedombone
#+END_SRC
If you're installing from a microSD card on a single board computer without a screen and keyboard attached then you can ssh into it with:
#+BEGIN_SRC bash
ssh fbone@freedombone.local -p 2222
#+END_SRC
Using the initial password "freedombone". If you have trouble accessing the server then make sure you have Avahi installed and [[https://en.wikipedia.org/wiki/Multicast_DNS][mDNS]] enabled.
You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
More detailed installation instructions are linked from [[./index.html][the main site]].
* Upgrading from a previous install
To upgrade from the Debian Jessie version first create a master keydrive. Go to the *Administrator control panel* and select *Backup and restore* then *Backup GPG key to USB (master keydrive)*. Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting *Backup data to USB drive* and using another LUKS encrypted USB drive.
Follow the installation infstructions for the new Freedombone version, as described in the previous section. When the new system starts installing it will ask if you want to restore your GPG keys. Select *yes* and plug in your master keydrive.
When the initial setup is complete go to the *Administrator control panel* and select *Backup and restore* then *Restore data from USB drive* followed by *all*. Insert the backup USB drive which you made previously. This will restore the base system, including any emails.
You can now go to *Add/Remove apps* on the *Administrator control panel* and add the apps you want. Once they're installed you can recover their content and settings from *Backup and Restore*.

70
doc/EN/release31.org Normal file
View File

@ -0,0 +1,70 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone
#+DESCRIPTION: Version 3.1
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* *Version 3.1, 2018-04-15*
Newer and shinier than before, [[./index.html][Freedombone]] 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use [[./usage_email.html][email with onion and I2P addresses]]. New apps are:
* [[./app_akaunting.html][Akaunting]]: Personal or small business accounts
* [[./app_bdsmail.html][bdsmail]]: Avoid PGP complexity by using email over I2P
* [[./app_bludit.html][Bludit]]: Painless markdown blogging
* [[./app_edith.html][Edith]]: The simplest possible note taking system
* [[./app_icecast.html][Icecast]]: Run your own internet radio station
* [[./app_peertube.html][PeerTube]]: Peer-to-peer video hosting system
* [[./app_pleroma.html][Pleroma]]: Ultra lightweight fediverse instance with Mastodon compatibility
The [[./mesh.html][mesh version]] now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with [[https://libremesh.org][LibreMesh]]. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
There is a new [[./socialinstance.html][social instance]] image build option, if you want to be able to rapidly deploy fediverse instances, and a [[./devguide.html][template command]] for quickly adding new apps to the system which automates a lot of the boilerplate.
According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed [[https://www.wired.co.uk/article/open-letter-mark-zuckerberg-congress][public criticism]] as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley generally and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
This is where we make our stand. If the internet falls then so too does freedom.
The future is decentralized.
* Installation
The simplest way to install is from a pre-made disk image. Images can be [[https://freedombone.net/downloads/v31][downloaded here]]. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
#+BEGIN_SRC bash
unxz downloadedimagefile.img.xz
dd bs=32M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync,sync,noerror
#+END_SRC
And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store.
Plug the microSD or USB drive into the target hardware which you want to use as a server and power on. If you're using an old laptop or netbook as the server then you will need to set the BIOS to boot from USB.
As the system boots for the first time the login is:
#+BEGIN_SRC bash
username: fbone
password: freedombone
#+END_SRC
If you're installing from a microSD card on a single board computer without a screen and keyboard attached then you can ssh into it with:
#+BEGIN_SRC bash
ssh fbone@freedombone.local -p 2222
#+END_SRC
Using the initial password "freedombone". If you have trouble accessing the server then make sure you have Avahi installed and [[https://en.wikipedia.org/wiki/Multicast_DNS][mDNS]] enabled.
You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
More detailed installation instructions are linked from [[./installmethods.html][the main site]].
* Upgrading from a previous install
To upgrade from version 3 just go to the *administrator control panel* and select *check for updates*.

47
doc/EN/security.org Normal file
View File

@ -0,0 +1,47 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, security, ssh, debian, beaglebone
#+DESCRIPTION: Improving security
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Authentication with keys
It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
#+begin_src bash
freedombone-client
#+end_src
On your local system (i.e. whatever you're logging in to the Freedombone system from, typically a laptop). Then:
#+begin_src
ssh myusername@freedombone.local -p 2222
#+end_src
Select *Administrator controls* and re-enter your password, then *Manage Users* and *Change user ssh public key*. Copy and paste the ssh public keys which appeared after the *freedombone-client* command was run. Then go to *Security settings* and select *Allow ssh login with passwords* followed by *no*.
You'll need to make sure that you have a copy of the ~/.ssh directory on your local system. You could just copy that directory to a USB drive and then keep that somewhere safe so that you can restore the keys if you need to.
* Administrating the system via an onion address (Tor)
You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
#+BEGIN_SRC bash
ssh username@freedombone.local -p 2222
#+END_SRC
Select /Administrator controls/ then select "About this system" and look for the onion address for ssh. You can then close the terminal and open another, then do the following on your local system:
#+BEGIN_SRC bash
freedombone-client
#+END_SRC
This will set up your ssh environment to be able to handle onion addresses. Then you can test ssh with:
#+BEGIN_SRC bash
ssh username@address.onion -p 2222
#+END_SRC
Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating.

85
doc/EN/socialinstance.org Normal file
View File

@ -0,0 +1,85 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, debian, social, fediverse, instance, pleroma, gnusocial, postactiv
#+DESCRIPTION: Social Instance
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
* Social Instance
A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:
* An old laptop, capable of booting from USB
* A USB drive, preferably Sandisk and 16GB or larger
* An ethernet patch cable
* A domain name of your own
* A dynamic DNS account
* Ability to alter settings on your internet router
The installation process is the same as usual, with the only difference being that on initial setup it will go straight to the domain setup details for your instance. In summary:
* Copy the image to the USB drive
Substitute *sdX* with the device name for your USB drive.
#+begin_src bash
sudo apt-get install xz-utils nodejs
npm install -g dat
dat clone dat://231b24dbeef3c3f7b115b9c7cd02e416b382df0a1050ef66f94b988fc8dae92e/
cd 231b24dbeef3c3f7b115b9c7cd02e416b382df0a1050ef66f94b988fc8dae92e
gpg --verify freedombone-pleroma-amd64.img.xz.sig
unxz freedombone-pleroma-amd64.img.xz
sudo dd if=/dev/zero of=/dev/sdX bs=32M count=8
sudo dd bs=32M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync,sync,noerror
#+end_src
Also note that if the laptop has a removable SSD drive it's possible to copy the image directly to that if you have enough equipment.
* Connect the laptop to your internet router
Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.
#+attr_html: :width 100% :align center
[[file:images/laptop_router.jpg]]
* Boot the laptop from the USB drive
You may need to alter the BIOS settings to get this to work reliably.
#+attr_html: :width 100% :align center
[[file:images/bios_boot_usb.jpg]]
* Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop
Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.
#+attr_html: :width 100% :align center
[[file:images/port_forwarding.png]]
* From another machine ssh into the laptop
#+begin_src bash
ssh fbone@freedombone.local -p 2222
#+END_SRC
Or alternatively you can log in directly on the laptop. The initial username is *fbone* and the password is *freedombone*. You should make sure you write down or copy the new password when it is shown.
* Follow the setup procedure
Enter your user details, domain name and dynamic DNS settings.
* When installation is complete
Navigate to your domain and register a new user.
#+attr_html: :width 100% :align center
[[file:images/pleroma_register.jpg]]
More details about setting up and using Pleroma [[./app_pleroma.html][can be found here]].
#+attr_html: :width 50% :align center
[[file:images/tusky.jpg]]

View File

@ -1,32 +1,48 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, support
#+DESCRIPTION: How to support the Freedombone project
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Support</h1>
</center>
#+END_EXPORT
* Support
* Contact details
This site can also be accessed via a Tor browser at *http://2tp3f6vtvhkqpuc6.onion*
This site can also be accessed via a Tor browser at *http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion*
*Email:* bob@freedombone.net
Or via Dat/Beaker:
*dat://676db9db2e04a604ea6dbc798bb0d327a335c19b4856ac496ae4bb34e367633a/*
*PGP/GPG Key ID:* EA982E38
*Email/XMPP:* bob@freedombone.net (XMPP only works with OMEMO or OpenPGP)
*PGP/GPG Fingerprint:* D538 1159 CD7A 2F80 2F06 ABA0 0452 CC7C EA98 2E38
*PGP/GPG Public key:*
#+BEGIN_SRC bash
-----BEGIN PGP PUBLIC KEY BLOCK-----
*XMPP:* bob@freedombone.net with OMEMO or OTR
mDMEWZBueBYJKwYBBAHaRw8BAQdAKx1t6wL0RTuU6/IBjngMbVJJ3Wg/3UW73/PV
I47xKTS0IUJvYiBNb3R0cmFtIDxib2JAZnJlZWRvbWJvbmUubmV0PoiQBBMWCAA4
FiEEmruCwAq/OfgmgEh9zCU2GR+nwz8FAlmQbngCGwMFCwkIBwMFFQoJCAsFFgID
AQACHgECF4AACgkQzCU2GR+nwz/9sAD/YgsHnVszHNz1zlVc5EgY1ByDupiJpHj0
XsLYk3AbNRgBALn45RqgD4eWHpmOriH09H5Rc5V9iN4+OiGUn2AzJ6oHuDgEWZBu
eBIKKwYBBAGXVQEFAQEHQPRBG2ZQJce475S3e0Dxeb0Fz5WdEu2q3GYLo4QG+4Ry
AwEIB4h4BBgWCAAgFiEEmruCwAq/OfgmgEh9zCU2GR+nwz8FAlmQbngCGwwACgkQ
zCU2GR+nwz+OswD+JOoyBku9FzuWoVoOevU2HH+bPOMDgY2OLnST9ZSyHkMBAMcK
fnaZ2Wi050483Sj2RmQRpb99Dod7rVZTDtCqXk0J
=gv5G
-----END PGP PUBLIC KEY BLOCK-----
#+END_SRC
#+attr_html: :width 60% :align center
[[file:images/pubkey.png]]
*XMPP channel:* support@chat.freedombone.net (Requires membership. Ask via XMPP to *bob@freedombone.net*)
*Matrix:* #fbone:matrix.freedombone.net
*Tox:* 82DD53788AB400843BC75EA96B62DD6C76D2B13E476B995B13C49920A3C8FD32E5365A82FA83
@ -45,22 +61,20 @@ Testing of the install on different hardware. Also pentesting on test installati
** Web design and artwork
A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the [[https://www.mediagoblin.org/][Mediagoblin]] project, and attractive graphics can help to get people initially interested.
** Howto videos
If you're good at making videos then a howto for installing Freedombone onto various types of hardware, or testing the mesh system in realistic/exotic scenarios would be good. You could even host videos on PeerTube or Mediagoblin.
** More education and promotion
#+BEGIN_CENTER
#+attr_html: :width 50% :align center
[[./images/educate.png]]
#+END_CENTER
Many people are unaware that running their own internet services /is even a possibility/. Many also believe that internet services can be provided only if they're supported by advertising or donations, and that only gigantic data centres have enough computing capacity to serve web pages on a worldwide scale. Others may be fearful of encryption due to misrepresentations or misunderstandings of it in the mainstream media. Some may be intimidated by the apparent complexity and think that you need to be some sort of silicon valley genius in order to run a web service on your own. Even many technically-minded folks often believe that they can't run a home server unless they have a static IP address, which isn't true, and others are put off by thinking that any such server will be immediately [[https://en.wikipedia.org/wiki/Pwn][pwned]] by blackhat hackers.
Raising awareness beyond the near zero current level, overcoming fear and paranoia and dispelling some of the prevalent myths will definitely help.
** Translations
To add translations modify the json files within the *locale* subdirectory. Then make a pull request on the [[https://github.com/bashrc/freedombone][Github site]].
To add translations modify the json files within the *locale* subdirectory. Then make a pull request on [[https://code.freedombone.net/bashrc/freedombone][code.freedombone.net]] or send patches via email to bob@freedombone.net.
** Packaging
Helping to package GNU Social and Hubzilla for Debian would be beneficial.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,95 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Usage</h1>
</center>
#+END_EXPORT
| [[Readme]] |
| [[Improving ssh security]] |
| [[Administrating the system via an onion address (Tor)]] |
| [[./mobile.html][Mobile advice]] |
| [[./usage_email.html][Using Email]] |
| [[./app_syncthing.html][Syncing to the Cloud]] |
| [[./app_dlna.html][Play Music]] |
| [[./app_gnusocial.html][Microblogging (GNU Social)]] |
| [[./app_postactiv.html][Microblogging (PostActiv)]] |
| [[./app_ghost.html][Blogging with Ghost]] |
| [[./app_htmly.html][Blogging with HTMLy]] |
| [[./app_hubzilla.html][Social Network]] |
| [[./app_lychee.html][Photo albums]] |
| [[./app_dokuwiki.html][Wiki]] |
| [[./app_etherpad.html][Collaborative document editing]] |
| [[./app_irc.html][Multi-user chat with IRC]] |
| [[./app_xmpp.html][XMPP/Jabber]] |
| [[./app_tox.html][Tox]] |
| [[./app_mumble.html][Mumble]] |
| [[./app_mailpile.jtml][Mailpile]] |
| [[./app_rss.html][RSS Reader]] |
| [[./app_radicale.html][CalDAV calendar server]] |
| [[./app_gogs.html][Git Projects]] |
| [[Adding or removing users]] |
| [[./app_pihole.html][Blocking Ads]] |
* Improving security
It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
#+begin_src bash
freedombone-client
#+end_src
On your local system (i.e. whatever you're logging in to the Freedombone system from, typically a laptop). Then:
#+begin_src
ssh myusername@freedombone.local -p 2222
#+end_src
Select *Administrator controls* and re-enter your password, then *Manage Users* and *Change user ssh public key*. Copy and paste the ssh public keys which appeared after the *freedombone-client* command was run. Then go to *Security settings* and select *Allow ssh login with passwords* followed by *no*.
You'll need to make sure that you have a copy of the ~/.ssh directory on your local system. You could just copy that directory to a USB drive and then keep that somewhere safe so that you can restore the keys if you need to.
* Administrating the system via an onion address (Tor)
You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
#+BEGIN_SRC bash
ssh username@freedombone.local -p 2222
#+END_SRC
Select /Administrator controls/ then select "About this system" and look for the onion address for ssh. You can then close the terminal and open another, then do the following on your local system:
#+BEGIN_SRC bash
freedombone-client
#+END_SRC
This will set up your ssh environment to be able to handle onion addresses. Then you can test ssh with:
#+BEGIN_SRC bash
ssh username@address.onion -p 2222
#+END_SRC
Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating.
* Adding or removing users
Log into the system with:
#+BEGIN_SRC bash
ssh username@domainname -p 2222
#+END_SRC
Select *Administrator controls* then *User Management*. Depending upon the type of installation after selecting administrator controls you might need to enter:
#+BEGIN_SRC bash
sudo su
control
#+END_SRC
[[file:images/controlpanel/control_panel_manage_users.jpg]]

View File

@ -1,20 +1,13 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+KEYWORDS: freedombone, email
#+DESCRIPTION: How to use email on Freedombone
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Email</h1>
</center>
#+END_EXPORT
| [[Things to be aware of]] |
| [[A technical note about email transport security]] |
@ -22,11 +15,11 @@
| [[Publishing your GPG public key]] |
| [[Mutt email client]] |
| [[Thunderbird/Icedove]] |
| [[K9 Android client]] |
| [[Android apps]] |
| [[Subscribing to mailing lists]] |
| [[Adding email addresses to a group/folder]] |
| [[Ignoring incoming emails]] |
| [[Your own mailing list]] |
| [[Using I2P for email transport]] |
* Things to be aware of
Even though this system makes it easy to set up an email server, running your own email system is still not easy and this is mainly due to the huge amount of collatoral damage caused by spammers over a long period of time, which in turn is due to the inherent insecurity of email protocols which enabled spam to become a big problem. Email is still very popular though and most internet services require that you have an email address in order to register.
@ -40,8 +33,10 @@ Port 465 is used for SMTP and this is supposedly deprecated for secure email. Ho
From https://motherboard.vice.com/read/email-encryption-is-broken:
#+BEGIN_QUOTE
The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor
/The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor/
#+END_QUOTE
A way to avoid these pitfalls altogether is to use onion addresses (see the section below) or [[./app_bdsmail.html][I2P addresses]] for email. These are not so convenient because they use long random strings which aren't memorable as addresses, but they do give a strong assurance that whoever recieves the message is the intended recipient and that emails can't be read passively during their transport across the internet.
* Add a password to your GPG key
If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
@ -65,10 +60,8 @@ gpg --send-keys username@domainname
exit
#+END_SRC
* Mutt email client
#+BEGIN_CENTER
#+attr_html: :width 80% :align center
[[./images/mutt.jpeg]]
#+END_CENTER
Mutt is a terminal based email client which comes already installed onto the Freedombone. To access it you'll need to access it via ssh with:
@ -202,232 +195,8 @@ By default you won't be able to see any folders which you may have created earli
Make sure that "*show only subscribed folders*" is not checked. Then click the *ok* buttons. Folders will be re-scanned, which may take some time depending upon how much email you have, but your folders will then appear.
* K9 Android client
*** A point about GPG on Android
Before trying to set up email on Android you may want to consider whether you really need to do this. Android (and its variants) is not a particularly secure operating system and whether or not you wish to store GPG keys on it depends on your threat model and in what situations you'll be using your device.
If you are going to use email on an Android device then ensure that you have full encryption enabled via the security settings, so that if you subsequently lose it, or if it gets stolen, the chances of encryption keys being exposed are minimised.
*** Compiling the development version
To get K9 working with Freedombone you'll need to install development versions of OpenKeychain and K9. At the time of writing the versions available in F-Droid do not support PGP/MIME or the "hidden recipient" feature of GPG. It is hoped that at some stage the patches will be integrated into the mainline or functionally equivalent changes made. Admittedly, this is not at all user friendly, but currently it's the only way to read Freedombone email on Android systems.
Build script for OpenKeychain:
#+BEGIN_SRC bash
mkdir ~/develop
cd ~/develop
git clone https://github.com/bashrc/open-keychain
cd open-keychain
git checkout origin/bashrc/hidden-recipient-minimal
git checkout -b bashrc/hidden-recipient-minimal
cd tools
nano build.sh
#+END_SRC
Then add the following:
#+BEGIN_SRC bash
#!/bin/bash
# This script is intended to be used on Debian systems for building
# the project. It has been tested with Debian 8
USERNAME=$USER
SIGNING_NAME='openkeychain'
SDK_VERSION='r23.3.4'
SDK_DIR=$HOME/android-sdk
cd ..
PROJECT_HOME=$(pwd)
sudo apt-get install build-essential default-jdk \
lib32stdc++6 lib32z1 lib32z1-dev
if [ ! -d $SDK_DIR ]; then
mkdir -p $SDK_DIR
fi
cd $SDK_DIR
# download the SDK
if [[ ! -f $SDK_DIR/android-sdk_$SDK_VERSION-linux.tgz ]]; then
wget https://dl.google.com/android/android-sdk_$SDK_VERSION-linux.tgz
fi
tar -xzvf android-sdk_$SDK_VERSION-linux.tgz
SDK_DIR=$SDK_DIR/android-sdk-linux
echo 'Check that you have the SDK tools installed for Android 22, SDK 21.1.2'
export ANDROID_HOME=$SDK_DIR
echo "sdk.dir=$SDK_DIR" > $ANDROID_HOME/local.properties
export PATH=${PATH}:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools
cd $SDK_DIR/tools
./android sdk
if [ ! -f $SDK_DIR/tools/android ]; then
echo "$SDK_DIR/tools/android not found"
exit -1
fi
cd $SDK_DIR
chmod -R 0755 $SDK_DIR
chmod a+rx $SDK_DIR/tools
# android sdk
cd $PROJECT_HOME
git submodule init && git submodule update
if [ ! -f $SDK_DIR/tools/templates/gradle/wrapper/gradlew ]; then
echo "$SDK_DIR/tools/templates/gradle/wrapper/gradlew not found"
exit -2
fi
. $PROJECT_HOME/gradlew assembleDebug
# cleaning up
cd $PROJECT_HOME/OpenKeychain/build/outputs/apk
if [ ! -f OpenKeychain-debug.apk ]; then
echo 'OpenKeychain-debug.apk was not found'
exit -3
fi
echo 'Build script ended successfully'
echo -n 'apk is available at: '
echo "$PROJECT_HOME/OpenKeychain/build/outputs/apk/OpenKeychain-debug.apk"
exit 0
#+END_SRC
Save and exit with *CTRL-o*, *CTRL-x*.
#+BEGIN_SRC bash
chmod +x build.sh
./build.sh
#+END_SRC
Build script for K9:
#+BEGIN_SRC bash
cd ~/develop
git clone https://github.com/k9mail/k-9
cd k-9
cd tools
nano build.sh
#+END_SRC
Then add the following:
#+BEGIN_SRC bash
#!/bin/bash
# This script is intended to be used on Debian systems for building
# the project. It has been tested with Debian 8
USERNAME=$USER
SIGNING_NAME='k-9'
SDK_VERSION='r24.3.3'
SDK_DIR=$HOME/android-sdk
cd ..
PROJECT_HOME=$(pwd)
sudo apt-get install build-essential default-jdk \
lib32stdc++6 lib32z1 lib32z1-dev
if [ ! -d $SDK_DIR ]; then
mkdir -p $SDK_DIR
fi
cd $SDK_DIR
# download the SDK
if [ ! -f $SDK_DIR/android-sdk_$SDK_VERSION-linux.tgz ]; then
wget https://dl.google.com/android/android-sdk_$SDK_VERSION-linux.tgz
tar -xzvf android-sdk_$SDK_VERSION-linux.tgz
fi
SDK_DIR=$SDK_DIR/android-sdk-linux
echo 'Check that you have the SDK tools installed for Android 17, SDK 19.1'
if [ ! -f $SDK_DIR/tools/android ]; then
echo "$SDK_DIR/tools/android not found"
exit -1
fi
cd $SDK_DIR
chmod -R 0755 $SDK_DIR
chmod a+rx $SDK_DIR/tools
ANDROID_HOME=$SDK_DIR
echo "sdk.dir=$SDK_DIR" > $ANDROID_HOME/local.properties
PATH=${PATH}:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools
android sdk
cd $PROJECT_HOME
if [ ! -f $SDK_DIR/tools/templates/gradle/wrapper/gradlew ]; then
echo "$SDK_DIR/tools/templates/gradle/wrapper/gradlew not found"
exit -2
fi
. $PROJECT_HOME/gradlew assembleDebug
# cleaning up
cd $PROJECT_HOME/k9mail/build/outputs/apk
if [ ! -f k9mail-debug.apk ]; then
echo 'k9mail-debug.apk was not found'
exit -3
fi
echo 'Build script ended successfully'
echo -n 'apk is available at: '
echo "$PROJECT_HOME/k9mail/build/outputs/apk/k9mail-debug.apk"
exit 0
#+END_SRC
Save and exit with *CTRL-o*, *CTRL-x*.
#+BEGIN_SRC bash
chmod +x build.sh
./build.sh
#+END_SRC
*** Import your GPG key into OpenKeychain
With your device connected to a laptop via USB cable and with USB debugging enabled on it:
#+BEGIN_SRC bash
ssh username@domainname -p 2222
gpg --list-keys username@domainname
gpg --output ~/public_key.gpg --armor --export KEY_ID
gpg --output ~/private_key.gpg --armor --export-secret-key KEY_ID
cat ~/public_key.gpg ~/private_key.gpg > ~/mygpgkey.asc
exit
scp -P 2222 username@domainname:/home/username/mygpgkey.asc ~/
sudo apt-get install android-tools-adb
push ~/mygpgkey.asc /sdcard/
shred -zu ~/mygpgkey.asc
#+END_SRC
Then on your device select OpenKeychain and import your key from file.
*** Incoming server settings
* Select settings/account settings
* Select Fetching mail/incoming server
* Enter your username and password
* IMAP server should be your domain name
* Security: SSL/TLS (always)
* Authentication: Plain
* Port: 993
*** Outgoing (SMTP) server settings
* Select settings/account settings
* Select Sending mail/outgoing server
* Set SMTP server to your domain name
* Set Security to SSL/TLS (always)
* Set port to 465
* Set authentication to PLAIN
* Enter your username and password
* Accept the SSL certificate
*** Crypto settings
Select *settings*, *Account settings*, *OpenKeychain* and then select your key and press *Allow*. You should now be able to decrypt emails by entering your GPG passphrase.
You may also want to change the amount of time for which passwords are remembered, so that you don't need to enter your passphrase very often.
*** Folders
To view any new folders which you may have created using the /mailinglistrule/ script from your inbox press the *K9 icon* at the top left to access folders, then press the *menu button* and select *refresh folder list*.
If your folder still doesn't show up then press the *menu button*, select *show folders* and select *all folders*.
* Android apps
Mobile devices have a reputation for being quite insecure, so it's recommended that you don't store emails or GPG keys on your phone. Instead [[./app_mailpile.html][install Mailpile]] and access your email via the webmail interface.
* Subscribing to mailing lists
To subscribe to a mailing list log in as your user (i.e. not the root user).
@ -452,19 +221,13 @@ ssh username@domainname -p 2222
#+END_SRC
Select /Administrator controls/ then *Email filtering rules* then *Block/Unblock and email address* or *Block/Unblock email with subject line*. Also see the manpage for *freedombone-ignore*.
* Your own mailing list
If you want to set up a public mailing list then when installing the system remember to set the *PUBLIC_MAILING_LIST* variable within *freedombone.cfg* to the name of your list. The name should have no spaces in it. Public mailing lists are unencrypted so anyone will be able to read the contents, including non subscribers.
* Using onion email addresses
By default this system comes with the ability to send and receive emails using onion addresses as the domain name. On the *user control panel* if you select *Show your email address* then you should find one ending with /dot onion/. You will also see a QR code for that address, which provides a simple way to transfer it to a mobile phone if necessary.
To subscribe to your list send a cleartext email to:
If you want to give your onion email address to someone else securely then you can use the QR code to transfer it to a phone and copy and paste the address into an encrypted chat app, such as Conversations. Of course they will probably also need to be running Freedombone or some system capable of handling onion email addresses.
#+BEGIN_SRC bash
mymailinglistname+subscribe@domainname
#+END_SRC
When sending email from an onion address it's not strictly necessary to use GPG/PGP. Tor handles the transport security by itself. You can still use it though if you prefer to have an extra layer of message security. You can also still use onion email addresses even if your ISP blocks the typical email ports (25 and 465).
Tip: When using the Mutt email client if you want to send an email in cleartext then press *p* (for PGP) on the sending screen and select *clear*. Unsecure email is treated as being the exception rather than the default.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT
If you don't make your onion email address public then it should be fairly resisent to spam, since spammers won't be able to randomly guess onion addresses (there are far too many), whereas it's a lot easier for them to do that with conventional domain names.
* Using I2P for email transport
For the most paranoid use cases it is also possible to use I2P as an email transport mechanism. This will of course require the people you're communicating with to have a similar setup in place. For details see the [[./app_bdsmail.html][bdsmail app]]. An advantage of this is that it's very unlikely that your email will get blocked. The disadvantage is that few others will be capable of receiving email this way, and it's only really usable via the Mutt email client.

24
doc/EN/users.org Normal file
View File

@ -0,0 +1,24 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, debian, beaglebone, users
#+DESCRIPTION: Adding or removing users
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+attr_html: :width 80% :height 10% :align center
[[file:images/logo.png]]
Log into the system with:
#+BEGIN_SRC bash
ssh username@domainname -p 2222
#+END_SRC
Select *Administrator controls* then *User Management*.
#+attr_html: :width 80% :align center
[[file:images/controlpanel/control_panel_manage_users.jpg]]
#+attr_html: :width 10% :height 2% :align center
[[file:fdl-1.3.txt][file:images/gfdl.png]]

View File

@ -1,50 +0,0 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Variants</h1>
</center>
#+END_EXPORT
Freedombone may be installed either in its entirety or as different variants with a more specialised purpose. So for example if you just want to run a blog but don't care about any other services then you can do that. The following variants are available:
#+BEGIN_EXPORT html
<center>
<table style="width:80%; border:0">
<tr>
<td><center><b>Mailbox</b><br>An email server with GPG encryption</center></td>
<td><center><b>Cloud</b><br>Sync and share files. Never lose important files again</center></td>
</tr>
<tr>
<td><center><b>Social</b><br>Social networking with Hubzilla and GNU Social</center></td>
<td><center><b>Media</b><br>Runs media services such as DLNA to play music or videos on your devices</center></td>
</tr>
<tr>
<td><center><b>Writer</b><br>Host your blog and wiki</center></td>
<td><center><b>Chat</b><br>Encrypted IRC, XMPP, Tox and VoIP services for one-to-one and many-to-many chat</center></td>
</tr>
<tr>
<td><center><b>Developer</b><br>Github-like system to host your software projects</center></td>
<td><center><b>Mesh</b><br>A wireless mesh network which is like the internet, but not the internet</center></td>
</tr>
</table>
</center>
#+END_EXPORT
Non-mesh installs also come with an RSS reader which provides strong reading privacy on desktop and mobile via the use of a Tor onion service.
#+BEGIN_EXPORT html
<center>
Return to the <a href="index.html">home page</a>
</center>
#+END_EXPORT

View File

@ -1,4 +0,0 @@
Since compiling Atheros drivers for use with a wifi dongle on the Beaglebone Black takes a long time pre-compiled drivers are also available here. These may be extracted into /lib/firmware/ before beginning the main installation via 'freedombone menuconfig'.
sha256:
7eb9324681f03c7630ed01e490ea447dfbd96c9b5389e45b64e4646d1be16ff1 ath9k_htc_driver_bbb.tar.gz

Some files were not shown because too many files have changed in this diff Show More